topic IDSM-2 Error in Network Security https://community.cisco.com/t5/network-security/idsm-2-error/m-p/619959#M92456 <P>I keep receiving theses two errors over and over again in my logs "WebSession::SessionTask(#) TLS exception: handshake imcomplete"</P><P></P><P>"received fatal_alert: certificate unknown"</P><P></P><P>Currently I use IPS manager 2.2, and import the devices using TLS (cant import without). I keep receiving these errors but don't know if it has to do with the ciscoworks box or not or how to correct them. Thanks for the help </P> Sun, 10 Mar 2019 10:12:29 GMT jbanker 2019-03-10T10:12:29Z IDSM-2 Error https://community.cisco.com/t5/network-security/idsm-2-error/m-p/619959#M92456 <P>I keep receiving theses two errors over and over again in my logs "WebSession::SessionTask(#) TLS exception: handshake imcomplete"</P><P></P><P>"received fatal_alert: certificate unknown"</P><P></P><P>Currently I use IPS manager 2.2, and import the devices using TLS (cant import without). I keep receiving these errors but don't know if it has to do with the ciscoworks box or not or how to correct them. Thanks for the help </P> Sun, 10 Mar 2019 10:12:29 GMT https://community.cisco.com/t5/network-security/idsm-2-error/m-p/619959#M92456 jbanker 2019-03-10T10:12:29Z Re: IDSM-2 Error https://community.cisco.com/t5/network-security/idsm-2-error/m-p/619960#M92457 <HTML><HEAD></HEAD><BODY><P>These errors generally happen when the sensor has generated a new certificate (like after a re-image, or a version 4.x to 5.0 upgrade).</P><P>There is a client still trying to connect to the sensor, but has the sensor's old certificate saved away.</P><P>This generaly happens with IEV or Security Monitor (within VMS).</P><P></P><P>How to track it down:</P><P>Create a service account.</P><P>Login with the service account.</P><P>Switch to user root (su -) using the same password as the service account.</P><P>Run "ifconfig -a" to determine the interface with the sensor's IP assigned to it.</P><P>Execute "tcpdump -i <INTERFACE>" </INTERFACE></P><P>Look for what IP Addresses are attempting to connect to port 443 (HTTPS) of the sensor.</P><P></P><P>Track down these IP Addresses and ensure the software running on these IPs has been updated with the sensor's new certificate.</P><P></P></BODY></HTML> Fri, 08 Sep 2006 14:36:49 GMT https://community.cisco.com/t5/network-security/idsm-2-error/m-p/619960#M92457 marcabal 2006-09-08T14:36:49Z