SSL connection errors found in the Unix syslog. (NETIQKB37537)

fact
VigilEnt Security Agent for Unix 4.0

fact
VigilEnt Security Agent for Unix 5.0

fact
VigilEnt Security Manager

symptom
SSL connection errors found in the Unix syslog.

symptom
Unable to register Unix agents in VigilEnt Security Manager.

symptom
SSL error in syslog or can not register Unix agents in VSM

symptom
uvservd[23786]: SSL_connect failed

symptom
uvservd[23786]: 23786:error:1408F10B:SSL routines:SSL3_GE T_RECORD:wrong version number:s3_pkt.c:284:

symptom
uvservd[1695]: Failed Handshake

symptom

uvservd[1695]: SSL_connect failed, errcode = 1

cause
This issue is caused by the SSL key being out of sync in VigilEnt Security Manager and VigilEnt Security Agent for Unix.

fix

To resolve this issue, please refer to the following:

1. Delete the endpoint, agent, and system from VigilEnt Security Manager (VSM).
   
   
2. On the VSA for Unix machine change directories to the agent install directory $INSTALL_DIR/$OS/vsau/local/cache. Remove the two SSL key. See below for an example:
   
   
   # rm secretkey827
   # rm secret827
    
   
3. Add the system, agent, and enpoint back into VSM.

fix

If there is still a problem registering the VSA for Unix agent with VSM from a command prompt on the Unix host, run the following command and send the output to Tech Support.

1. Change directories to $INSTALL_DIR/OS/bin
   
2. As root user type ./wcRegister.

This commands tries to register the agent with VSM.  Any problems registering the agent will output to the console you ran the command from.

Formerly known as NETIQKB37537