DXL Broker connection status shows as Not Connected
Last Modified: 2023-03-27 09:12:09 Etc/GMT
Affected Products
Languages:
This article is available in the following languages:
Trellix CEO, Bryan Palma, explains the critical need for security that’s always learning.
As per Gartner, "XDR is an emerging technology that can offer improved threat prevention, detection and response."
Trellix announced the establishment of the Trellix Advanced Research Center to advance global threat intelligence.
Trellix Advanced Research Center analyzes threat data on ransomware, nation-states, sectors, vectors, LotL, MITRE ATT&CK techniques, and emails.
As of May 14, 2024, Knowledge Base (KB) articles will only be published and updated in our new Trellix Thrive Knowledge space.
Log in to the Thrive Portal using your OKTA credentials and start searching the new space. Legacy KB IDs are indexed and you will be able to find them easily just by typing the legacy KB ID.
DXL Broker connection status shows as Not Connected
Technical Articles ID:
KB93909
Last Modified: 2023-03-27 09:12:09 Etc/GMT Environment
Data Exchange Layer (DXL) 6.x, 5.x, 4.x
Problem
The DXL Broker shows the Connection Status as follows: The above error is seen on the Server Settings, DXL client for ePO page, even though there are no connectivity problems. ![]() The errors below are recorded in the TLS Enabled. (src/brokerlib.cpp:439) Generating broker certificates... (src/brokerlib.cpp:241) Attempting to obtain broker certificates... (cert/src/BrokerCertsService.cpp:61) A runtime error occurred: Error open for writing private key: /var/McAfee/dxlbroker/keystore/broker.key.tmp (Permission denied) (src/brokerlib.cpp:543) Cleaning up DXL Broker... (src/brokerlib.cpp:672) Stopped dxl ma plugin. (maplugin/src/MAPlugin.cpp:261) DXL Broker starting... (src/brokerlib.cpp:330) Successfully created ma client. (maplugin/src/MAPlugin.cpp:86) Total 20 drwxr-xr-x 5 mfedxl mfedxl 4096 Dec 14 10:44 Ipe drwxr-xr-x 2 root root 4096 Dec 16 10:45 keystore drwxr-xr-x 2 mfedxl mfedxl 4096 Dec 22 12:35 logs drwxr-xr-x 2 mfedxl mfedxl 4096 May 8 2018 marker drwxr-xr-x 2 mfedxl mfedxl 4096 May 8 2018 policy Cause
The keystore folder is deleted and re-created with a root user. But, the folder and files must always be assigned to the SolutionStep 1: Change the ownership of the keystore folder to
Step 2: To connect to the ePO server, reconfigure Trellix Agent. Obtain an updated certificate and overwrite the files in the keystore folder.
NOTE: When a user is logged in with root, you see the # prompt. Otherwise, the user logon is shown as the $ prompt.
Affected ProductsLanguages:This article is available in the following languages: |
|