Application and Change Control Global Threat Intelligence registered server connection fails in ePO 5.10.x

Technical Articles ID: KB91492
Last Modified: 2022-11-25 04:58:02 Etc/GMT

Environment

Application and Change Control (ACC) 8.2.x
ePolicy Orchestrator (ePO) 5.10.x

Summary

An error can occur when you try to test the connection between ePO 5.10 and the Global Threat Intelligence (GTI) server.

Problem

When you test the connectivity between the ACC 8.2.x registered server in ePO 5.10.x, the GTI servers fail with an Internal Server Error.

The orion.log file records the following error:

ERROR [scheduler-InternalTask-thread-8] common.ScorInternalTask - Exception occurred while running internal task with UID: com.mcafee.scor.cloud.internalTask.FetchCloudDetailsTaskNewHashes org.bouncycastle.crypto.fips.FipsUnapprovedOperationError: Attempt to use RSA key with non-approved size: 4096: RSA

Cause

4096-bit RSA key length isn't supported in ePO 5.10 because of changes in the cryptologic library.

Solution

This issue is resolved in the Application Control Extension 8.2.1.229.

Workaround

To support ePO 5.10, update the ACC client keys with 2048-bit keys instead of the 4096 length keys. Follow the steps below:

Download the UpdateClientCertSqlQuery.zip file from this article and extract.
Start MySQL Management Studio.
Select the ePO Database from the databases available in the MySQL Management Studio drop-down list.
Execute the extracted script using MySQL Management Studio.
Upon successful execution of this script, run the following ePO remote command using a browser:

https://<ePO IP>:<port>/remote/core.reload-plugin.do?name=SOLIDCORE_META

Attachment

UpdateClientCertSqlQuery.zip
3K • < 1 minute @ broadband

Affected Products

Languages:

This article is available in the following languages:

Knowledge Center

Application and Change Control Global Threat Intelligence registered server connection fails in ePO 5.10.x

Environment

Summary

Problem

Cause

Solution

Workaround

Attachment

Affected Products

Languages:

Title

Title

Knowledge Center

Application and Change Control Global Threat Intelligence registered server connection fails in ePO 5.10.x

Environment

Summary

Problem

Cause

Solution

Workaround

Attachment

Affected Products

Languages:

Choose your region

Title

Title