Resolution
fact
VigilEnt Security Agent for Unix 4.0
fact
VigilEnt Security Agent for Unix 5.0
fact
VigilEnt Security Manager
symptom
SSL connection errors found in the Unix syslog.
symptom
Unable to register Unix agents in VigilEnt Security Manager.
symptom
SSL error in syslog or can not register Unix agents in VSM
symptom
uvservd[23786]: SSL_connect failed
symptom
uvservd[23786]: 23786:error:1408F10B:SSL routines:SSL3_GE T_RECORD:wrong version number:s3_pkt.c:284:
symptom
uvservd[1695]: Failed Handshake
symptom
cause
This issue is caused by the SSL key being out of sync in VigilEnt Security Manager and VigilEnt Security Agent for Unix.
fix
fix
VigilEnt Security Agent for Unix 4.0
fact
VigilEnt Security Agent for Unix 5.0
fact
VigilEnt Security Manager
symptom
SSL connection errors found in the Unix syslog.
symptom
Unable to register Unix agents in VigilEnt Security Manager.
symptom
SSL error in syslog or can not register Unix agents in VSM
symptom
uvservd[23786]: SSL_connect failed
symptom
uvservd[23786]: 23786:error:1408F10B:SSL routines:SSL3_GE T_RECORD:wrong version number:s3_pkt.c:284:
symptom
uvservd[1695]: Failed Handshake
symptom
uvservd[1695]: SSL_connect failed, errcode = 1
cause
This issue is caused by the SSL key being out of sync in VigilEnt Security Manager and VigilEnt Security Agent for Unix.
fix
To resolve this issue, please refer to the following:
- Delete the endpoint, agent, and system from VigilEnt Security Manager (VSM).
- On the VSA for Unix machine change directories to the agent install directory $INSTALL_DIR/$OS/vsau/local/cache. Remove the two SSL key. See below for an example:
# rm secretkey827
# rm secret827
- Add the system, agent, and enpoint back into VSM.
fix
If there is still a problem registering the VSA for Unix agent with VSM from a command prompt on the Unix host, run the following command and send the output to Tech Support.
- Change directories to $INSTALL_DIR/OS/bin
- As root user type ./wcRegister.
This commands tries to register the agent with VSM. Any problems registering the agent will output to the console you ran the command from.
Additional Information
Formerly known as NETIQKB37537