This website uses Cookies. Click Accept to agree to our website's cookie use as described in our Privacy Policy. Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
Log in to ask a question
Announcements
Webinar May 14th: Gemini's generative AI within Google SecOps
Webinar May 29th: Log Ingestion: Bindplane + Google SecOps
Log in to ask a question

Remote Agent Certificate Validation Errors

Posted 2 weeks ago
donkos
Bronze 2
Bronze 2
Reply posted on --/--/---- --:-- AM

We are trying to have a remote agent communicate with a firewall management console on prem but we're getting certificate validation errors. it looks like we need to amend the default CA bundle in the docker container, I believe.
Here's the error:

curl: (60) Peer's certificate issuer has been marked as not trusted by the user.
More details here: http://curl.haxx.se/docs/sslcerts.html

The below message comes up when we try to curl to the console IP.

 

curl performs SSL certificate verification by default, using a "bundle"
of Certificate Authority (CA) public keys (CA certs). If the default
bundle file isn't adequate, you can specify an alternate file
using the --cacert option.
If this HTTPS server uses a certificate signed by a CA represented in
the bundle, the certificate verification probably failed due to a
problem with the certificate (it might be expired, or the name might
not match the domain name in the URL).
If you'd like to turn off curl's verification of the certificate, use
the -k (or --insecure) option.


Anyone come across similar issues with remote agents or have any suggestions on what to try?

0 4 138
Topic Labels
0 Likes
4 REPLIES 4

Posted on --/--/---- --:-- AM
SoarAndy
Staff
Reply posted on --/--/---- --:-- AM

Connectors (including through an Agent) have this option, can you disable and try again?

SoarAndy_0-1745589007974.png

Otherwise might this be a 'standard' SSL chaining/bundle question for the OS/Docker (i.e. you can use much more documented support pages on the internet who have posted robust testing docs)

0 Likes

Posted on --/--/---- --:-- AM
donkos
Bronze 2
Bronze 2
Reply posted on --/--/---- --:-- AM

@SoarAndy Thanks Andy, I think an issue we were having is we were having issues amending the docker container in the remote agent (not enough or correct privileges).

0 Likes

Posted on --/--/---- --:-- AM
hzmndt
Staff
Reply posted on --/--/---- --:-- AM

With the other customer, we managed to fix by:

-> need to add below in the user siemplify_agent env:export REQUESTS_CA_BUNDLE=/etc/pki/tls/certs/ca-bundle.crt
-> you can add inside docker container below file:/home/siemplify_agent/.bashrc or .bash_profile
then restart the docker

Please try @donkos 

0 Likes

Posted on --/--/---- --:-- AM
donkos
Bronze 2
Bronze 2
Reply posted on --/--/---- --:-- AM

@hzmndt 
I performed your suggested steps. To confirm that the env was saved correctly in the docker container:

[siemplify_agent@e8a153470f4b SiemplifyAgent]$ echo $REQUESTS_CA_BUNDLE
/etc/pki/tls/certs/ca-bundle.crt

I'm still getting the same SSL error when trying to curl against the url of the firewall management console on prem



0 Likes