HTTPs Transport Mode has failed peer not authenticated -

mazher.alam
Level 1

Hi Cisco,

I was trying to get my SNTC portal up and running. To start, I put one IP in my CSPC and got the IP in my managed devices (discovery went fine), then I ran the collection and that job also went well. After clicking on upload, I got the following message:

 

HTTPs Transport Mode has failed peer not authenticated -

CSPC version 2.8.1.4

3 Replies

adias
Cisco Employee

The following ports must be open for a default SNTC deployment:

[image: PORTS.JPG]

Is your collector configured, or does it need to be configured, with a proxy?

In deploying the image you would have created the CLI admin password? (The Java-based shell authentication is not the same as the GUI.)

If so, have you also created/activated the users collectorlogin and root? (real Linux shell)

If not, do the following from the CLI admin shell:

admin# pwdreset root 90

and

admin# pwdreset collectorlogin 90

It will activate those accounts and generate their passwords (keep them where you can refer to them in the future).

After that, log in to the collector via SSH as user collectorlogin and then use the command below to connect as root (you cannot connect directly as root):

# su root

Send me the output of the following commands in a private message:

# tail -100 /opt/ConcsoTgw/tail-end-gateway-decoupled/bin/CONN_TEG_LOGS/tail-end-gateway.log

# openssl s_client -showcerts -connect concsoweb-prd.cisco.com:443

# tail -100 /opt/ConcsoTgw/tail-end-gateway-decoupled/bin/nohup.out

# wget https://72.163.7.113/HeadEndWebAppServlet/ --no-check-certificate

adias
Cisco Employee

Thank you for the logs. I have reviewed them, and here is the root cause of that message at the moment (HTTPs Transport Mode has failed peer not authenticated).

 

In reviewing the output of the command:

# openssl s_client -showcerts -connect concsoweb-prd.cisco.com:443

We can see that your company security is using what is called a transparent proxy. Cisco CSPC has a certificate that must be authenticated on the backend. However, your security is intercepting that certificate and injecting its own.

They need to whitelist the collector IP so that they do not intercept the Cisco certificate. A normal collector output of that command would be like the following:

 

# openssl s_client -showcerts -connect concsoweb-prd.cisco.com:443

CONNECTED(00000003)

depth=2 C = BM, O = QuoVadis Limited, CN = QuoVadis Root CA 2

verify error:num=19:self signed certificate in certificate chain

---

Certificate chain

0 s:/C=US/ST=CA/L=San Jose/O=Cisco Systems, Inc./CN=concsoweb-prd.cisco.com

   i:/C=US/O=HydrantID (Avalanche Cloud Corporation)/CN=HydrantID SSL ICA G2
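To show how the check adias describes can be made repeatable on the collector side, here is an added example (not code from the thread, from Cisco, or from CSPC) that parses the "Certificate chain" section of openssl s_client -showcerts output and reports whether the leaf certificate was issued by the expected intermediate CA or by something else, which is the fingerprint of a transparent proxy re-signing the connection. The expected issuer CN ("HydrantID SSL ICA G2") is taken from the normal output quoted above and is an assumption that would need updating if Cisco re-issues the certificate; the intercepted sample and its "Example Corp" proxy CA names are constructed for the demonstration. Note that the "verify error:num=19" line appears in the normal output too (the collector simply has no local trust store for the root), so that line alone does not distinguish the two cases; the issuer of the leaf does.

```python
import re
from dataclasses import dataclass

# Values observed in the thread's normal output (assumed stable for this check).
EXPECTED_HOST = "concsoweb-prd.cisco.com"
EXPECTED_LEAF_ISSUER_CN = "HydrantID SSL ICA G2"

# Chain entries in s_client output look like:
#   0 s:/C=US/.../CN=concsoweb-prd.cisco.com
#      i:/C=US/O=HydrantID (...)/CN=HydrantID SSL ICA G2
SUBJECT_LINE = re.compile(r"^\s*(\d+)\s+s:(.*)$")
ISSUER_LINE = re.compile(r"^\s*i:(.*)$")


def parse_dn(dn: str) -> dict:
    """Turn '/C=US/O=Cisco Systems, Inc./CN=host' into {'C': 'US', 'O': ..., 'CN': 'host'}."""
    out = {}
    for part in dn.strip().split("/"):
        if not part:
            continue
        key, _, value = part.partition("=")
        out[key.strip()] = value.strip()
    return out


@dataclass
class ChainEntry:
    depth: int
    subject: dict
    issuer: dict


def parse_chain(output: str) -> list:
    """Extract (subject, issuer) pairs from the 'Certificate chain' block, leaf first."""
    entries = []
    pending = None
    for line in output.splitlines():
        m = SUBJECT_LINE.match(line)
        if m:
            pending = (int(m.group(1)), parse_dn(m.group(2)))
            continue
        m = ISSUER_LINE.match(line)
        if m and pending is not None:
            depth, subject = pending
            entries.append(ChainEntry(depth, subject, parse_dn(m.group(1))))
            pending = None
    return entries


def assess(output: str, expected_host: str = EXPECTED_HOST,
           expected_issuer_cn: str = EXPECTED_LEAF_ISSUER_CN) -> str:
    """Return 'ok', 'intercepted', 'wrong-subject' or 'no-chain' for one s_client capture."""
    chain = parse_chain(output)
    if not chain:
        return "no-chain"
    leaf = chain[0]
    if leaf.subject.get("CN") != expected_host:
        return "wrong-subject"
    # A transparent proxy presents a leaf for the right host but signed by its own CA.
    if leaf.issuer.get("CN") != expected_issuer_cn:
        return "intercepted"
    return "ok"


# Constructed sample 1: the healthy output quoted in the thread.
NORMAL_OUTPUT = """CONNECTED(00000003)
depth=2 C = BM, O = QuoVadis Limited, CN = QuoVadis Root CA 2
verify error:num=19:self signed certificate in certificate chain
---
Certificate chain
 0 s:/C=US/ST=CA/L=San Jose/O=Cisco Systems, Inc./CN=concsoweb-prd.cisco.com
   i:/C=US/O=HydrantID (Avalanche Cloud Corporation)/CN=HydrantID SSL ICA G2
"""

# Constructed sample 2: what an intercepting proxy typically produces (names invented).
INTERCEPTED_OUTPUT = """CONNECTED(00000003)
depth=1 O = Example Corp, CN = Example Corp Transparent Proxy CA
verify error:num=19:self signed certificate in certificate chain
---
Certificate chain
 0 s:/CN=concsoweb-prd.cisco.com
   i:/O=Example Corp/CN=Example Corp Transparent Proxy CA
 1 s:/O=Example Corp/CN=Example Corp Transparent Proxy CA
   i:/O=Example Corp/CN=Example Corp Transparent Proxy CA
"""

if __name__ == "__main__":
    for label, sample in (("normal", NORMAL_OUTPUT), ("intercepted", INTERCEPTED_OUTPUT)):
        leaf = parse_chain(sample)[0]
        print(f"{label}: leaf issuer CN = {leaf.issuer.get('CN')!r} -> {assess(sample)}")
```

On a live collector the input would be the captured output of the same openssl command adias asked for; feeding it to assess() gives a yes/no answer that can be handed to the network or security team together with the proxy CA's name from the leaf's issuer field.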


adias
Cisco Employee


It is not the IP or the DNS name of that IP that is causing the problem; all of them, if there were any others, would need to be allowed by your company. Any other IP or DNS name for those servers, if there were others, would need to either be whitelisted so that it goes directly to its destination if your company intercepts certificates, or use a proxy that does allow it.