Agent Client Collector certificate error
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
12-12-2024 10:31 AM
Hi,
We are about to place ACC visibility for Linux machines, During the set up after installing the ACC-F we are facing the error below
"2024-12-10T12:56:14.34 [ERROR] [agent] [tls: failed to verify certificate: x509: cannot validate certificate for xx.xx.xx6.15 because it doesn't contain any IP SANs] reconnection attempt failed to the url: wss://xx.xx.xx6.15:443/ws/events, using api-key authentication failed"
I am not sure how to check the proper certification for ACC listener. Please let me know what should I need to do to resolve this.
@Severin Launiau @pratik0306 @Allen Andreas @SK Chand Basha @Sohail Khilji
Regards
Praneeth
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
12-12-2024 10:40 AM
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
01-08-2025 08:35 PM
@PraneethSoz: it seems there is a mismatch between the wss you configured in the acc.yml and the certificate presented by your MID server. Generally speaking, use DNS A or CNAME records and avoid hardcoding IP addresses. If you are using a load-balancer and you are unsure about what's in there, just open a web browser on that url (using https instead of wss) and look at the certificate presented there. See if there is a Subject Alternative Name in the certificate extension. For a deeper dive, the doc "All about TLS" in the attachments of KB1122613. I provided specific commands for troubleshooting.
