Follow

Interset Sensor on OS X is Unable to Connect via AD Authentication - SSL connect error (35)

In the Agent's Agent.log file (/Users/<username>/Library/Logs/FileTrek/Agent.log), the following error is seen: 

Curl request failed. Curl error msg/code is: SSL connect error (35) url=<ENDPOINT_SERVER>

This is caused by the ssl_ciphers settings used in the nginx configuration with our default nginx.conf file.

 

To correct this issue:

  • Logon to the Flow server 
  • Edit the '/etc/nginx/conf.d/flow.conf' file 
  • Look for the line 'ssl_ciphers ...' 
  • Change that line to;

ssl_ciphers ECDHE-RSA-AES256-GCM-SHA384:DHE-RSA-AES256-GCM-SHA384:ECDHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES128-GCM-SHA256:ECDHE-RSA-AES256-SHA384:DHE-RSA-AES256-SHA256:ECDHE-RSA-AES256-SHA:DHE-RSA-AES256-SHA:ECDHE-RSA-AES128-SHA256:DHE-RSA-AES128-SHA256:ECDHE-RSA-AES128-SHA:DHE-RSA-AES128-SHA:ECDHE-RSA-DES-CBC3-SHA:EDH-RSA-DES-CBC3-SHA:AES256-GCM-SHA384:AES128-GCM-SHA256:AES256-SHA256:AES128-SHA256:AES256-SHA:AES128-SHA:!aNULL:!eNULL:!EXPORT:!DSS:!DES:!MD5:!PSK:!RC4;

  • Restart nginx (sudo service nginx restart)

Following this, the Sensor instances deployed to OS X should be able to properly authenticate when the user is logged in with an Active Directory account.

Was this article helpful?
0 out of 0 found this helpful
Have more questions? Submit a request

Comments

Powered by Zendesk