Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
362
Views
0
Helpful
1
Replies

IDSM-2 Error

jbanker
Level 1
Level 1

‎09-07-2006 03:22 PM - edited ‎03-10-2019 03:12 AM

I keep receiving theses two errors over and over again in my logs "WebSession::SessionTask(#) TLS exception: handshake imcomplete"

"received fatal_alert: certificate unknown"

Currently I use IPS manager 2.2, and import the devices using TLS (cant import without). I keep receiving these errors but don't know if it has to do with the ciscoworks box or not or how to correct them. Thanks for the help

Labels:
0 Helpful
1 Reply 1

marcabal
Cisco Employee
Cisco Employee

‎09-08-2006 07:36 AM

These errors generally happen when the sensor has generated a new certificate (like after a re-image, or a version 4.x to 5.0 upgrade).

There is a client still trying to connect to the sensor, but has the sensor's old certificate saved away.

This generaly happens with IEV or Security Monitor (within VMS).

How to track it down:

Create a service account.

Login with the service account.

Switch to user root (su -) using the same password as the service account.

Run "ifconfig -a" to determine the interface with the sensor's IP assigned to it.

Execute "tcpdump -i "

Look for what IP Addresses are attempting to connect to port 443 (HTTPS) of the sensor.

Track down these IP Addresses and ensure the software running on these IPs has been updated with the sensor's new certificate.

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card