DxlConnection: bad certificate detected

We installed the Agent from MVISION ePO, then found a problem: we can't wake up the Agent, but the Agent can still receive tasks/policies through the interval connection.

We checked dxl-service.log and found the errors below.

2022-03-04 14:42:49.662 [P6][Information] DxlConnection: connectBroker: process and sort broker list for direct connection
2022-03-04 14:42:49.662 [P15][Information] DxlServiceTimerThread: no broker connection, next retry in 468 seconds
2022-03-04 14:42:49.701 [P6][Information] DxlHostSort: broker dxlweb-usw001.mvision.mcafee.com:{134afc08-e91e-4c70-928f-ef3bb58d5769} hop 0 pingtime 0 us
2022-03-04 14:42:49.739 [P6][Information] DxlHostSort: broker dxl-usw001.mvision.mcafee.com:{134afc08-e91e-4c70-928f-ef3bb58d5769} hop 0 pingtime 0 us
2022-03-04 14:42:49.739 [P6][Information] DxlConnection: connectBroker: attempting to connect to a broker with sorted list
2022-03-04 14:42:49.739 [P6][Information] DxlConnection: connectBroker: connect to broker dxlweb-usw001.mvision.mcafee.com:{134afc08-e91e-4c70-928f-ef3bb58d5769} with url = wss://34.212.159.212:443
2022-03-04 14:42:50.240 [P6][Error] DxlMQTTConnection: SSL_ERROR_SSL SSL_connect: 0x14090086 - error:14090086:SSL routines:ssl3_get_server_certificate:certificate verify failed
2022-03-04 14:42:50.240 [P6][Error] DxlConnection: bad certificate detected
2022-03-04 14:42:50.240 [P6][Information] DxlConnection: connectBroker: connect to broker dxl-usw001.mvision.mcafee.com:{134afc08-e91e-4c70-928f-ef3bb58d5769} with url = ssl://52.42.43.157:443
2022-03-04 14:42:50.730 [P6][Error] DxlMQTTConnection: SSL_ERROR_SSL SSL_connect: 0x14090086 - error:14090086:SSL routines:ssl3_get_server_certificate:certificate verify failed
2022-03-04 14:42:50.731 [P6][Error] DxlConnection: bad certificate detected
2022-03-04 14:42:50.731 [P6][Information] DxlConnection: connectBroker: process and sort broker list for proxy connection
2022-03-04 14:42:50.731 [P6][Information] DxlConnection: connectBroker: attempting to connect to a broker with sorted list
2022-03-04 14:42:50.753 [P6][Information] DxlConnection: connectBroker: connect to broker directly. URL: wss://dxlweb-usw001.mvision.mcafee.com:443 is in exclusion list
2022-03-04 14:42:51.248 [P6][Error] DxlMQTTConnection: SSL_ERROR_SSL SSL_connect: 0x14090086 - error:14090086:SSL routines:ssl3_get_server_certificate:certificate verify failed
2022-03-04 14:42:51.248 [P6][Error] DxlConnection: bad certificate detected
2022-03-04 14:42:51.264 [P6][Information] DxlConnection: connectBroker: connect to broker directly. URL: ssl://dxl-usw001.mvision.mcafee.com:443 is in exclusion list
2022-03-04 14:42:51.759 [P6][Error] DxlMQTTConnection: SSL_ERROR_SSL SSL_connect: 0x14090086 - error:14090086:SSL routines:ssl3_get_server_certificate:certificate verify failed
2022-03-04 14:42:51.759 [P6][Error] DxlConnection: bad certificate detected
2022-03-04 14:46:50.645 [P15][Error] DxlServiceTimerThread: Exceeded certificate error limit, triggering certificate regeneration
2022-03-04 14:46:50.646 [P15][Warning] DxlState: failed to get selected affinity node
2022-03-04 14:46:50.646 [P15][Warning] DxlState: failed to get broker parents
2022-03-04 14:46:50.646 [P15][Warning] DxlState: failed to get affinity brokers
2022-03-04 14:46:50.646 [P15][Error] DxlState: Broker list is empty
2022-03-04 14:46:52.304 [P15][Information] DxlCertProvisioner: Created new private key, and generated new CSR request
2022-03-04 14:46:52.304 [P15][Information] DxlDataChannel: Sending datachannel message DXL_CERTSIGN_V3_REQUEST ...
2022-03-04 14:46:52.304 [P15][Information] DxlDataChannel: ...Sent datachannel with correlation Id: 794755536
2022-03-04 14:46:55.548 [P0][Information] DxlDataChannel: notification callback invoked product id = DXL_____1000, message id=DXL_CERTSIGN_V3_REQUEST, correlation id=794755536, notification=1
2022-03-04 14:46:55.855 [P0][Information] DxlDataChannel: message callback invoked product id = DXL_____1000, message id=DXL_CERTSIGN_V3_RESPONSE, correlation id=794755536
2022-03-04 14:46:55.857 [P0][Information] DxlCertProvisioner: Wrote client certificate file
2022-03-04 14:46:55.858 [P0][Information] DxlCertProvisioner: Wrote broker chain certificate file
2022-03-04 14:46:55.858 [P0][Information] DxlCertProvisioner: Cert Version from DC message :27
2022-03-04 14:46:55.858 [P0][Information] DxlCertProvisioner: Regen Version from DC message :1

Whoever has seen this error, please help us.

Thank you.

1 Reply
aguevara
McAfee Employee
Message 2 of 2

Re: DxlConnection: bad certificate detected

It looks like something is in between the client and our servers inspecting that SSL traffic and possibly injecting a certificate we don't trust. At this point Wireshark might help you understand what's happening. If you need help with that, please open a support request and we can help you analyse that.

Regards

Alejandro
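
A triage script for the log pattern in this thread, added here as an example (it is not McAfee tooling and not part of either post): it pairs each broker connection attempt with the TLS verification result that follows it. The sample lines are copied from the log in the question; the function name `triage` and the result field names are illustrative.

```python
import re

# Sample lines copied from the log quoted in the question (abridged to the relevant entries).
SAMPLE_LOG = """\
2022-03-04 14:42:49.739 [P6][Information] DxlConnection: connectBroker: connect to broker dxlweb-usw001.mvision.mcafee.com:{134afc08-e91e-4c70-928f-ef3bb58d5769} with url = wss://34.212.159.212:443
2022-03-04 14:42:50.240 [P6][Error] DxlMQTTConnection: SSL_ERROR_SSL SSL_connect: 0x14090086 - error:14090086:SSL routines:ssl3_get_server_certificate:certificate verify failed
2022-03-04 14:42:50.240 [P6][Information] DxlConnection: connectBroker: connect to broker dxl-usw001.mvision.mcafee.com:{134afc08-e91e-4c70-928f-ef3bb58d5769} with url = ssl://52.42.43.157:443
2022-03-04 14:42:50.730 [P6][Error] DxlMQTTConnection: SSL_ERROR_SSL SSL_connect: 0x14090086 - error:14090086:SSL routines:ssl3_get_server_certificate:certificate verify failed
2022-03-04 14:42:50.753 [P6][Information] DxlConnection: connectBroker: connect to broker directly. URL: wss://dxlweb-usw001.mvision.mcafee.com:443 is in exclusion list
2022-03-04 14:42:51.248 [P6][Error] DxlMQTTConnection: SSL_ERROR_SSL SSL_connect: 0x14090086 - error:14090086:SSL routines:ssl3_get_server_certificate:certificate verify failed
2022-03-04 14:42:51.264 [P6][Information] DxlConnection: connectBroker: connect to broker directly. URL: ssl://dxl-usw001.mvision.mcafee.com:443 is in exclusion list
2022-03-04 14:42:51.759 [P6][Error] DxlMQTTConnection: SSL_ERROR_SSL SSL_connect: 0x14090086 - error:14090086:SSL routines:ssl3_get_server_certificate:certificate verify failed
2022-03-04 14:46:50.645 [P15][Error] DxlServiceTimerThread: Exceeded certificate error limit, triggering certificate regeneration
"""

# timestamp, [Pn][Level], component, message
LINE = re.compile(r"^(\S+ \S+) \[P\d+\]\[(\w+)\] (\w+): (.*)$")
# Both attempt forms seen in the log: "with url = <url>" and "URL: <url> is in exclusion list"
URL = re.compile(r"(?:with url = |URL: )((?:wss|ssl)://[^\s:]+:\d+)")

def triage(log_text):
    """Pair each broker connection attempt with the TLS result logged after it."""
    attempts, pending, regen = [], None, False
    for raw in log_text.splitlines():
        m = LINE.match(raw.strip())
        if not m:
            continue
        _ts, level, component, msg = m.groups()
        url = URL.search(msg)
        if component == "DxlConnection" and url:
            pending = {"url": url.group(1), "verify_failed": False}
            attempts.append(pending)
        elif level == "Error" and "certificate verify failed" in msg and pending:
            pending["verify_failed"] = True
        elif "triggering certificate regeneration" in msg:
            regen = True
    failed = [a["url"] for a in attempts if a["verify_failed"]]
    return {
        "attempts": len(attempts),
        "failed_urls": failed,
        # Every endpoint failing identically points at the network path or the
        # local trust store rather than at a single broker.
        "all_endpoints_failed": bool(attempts) and len(failed) == len(attempts),
        "regeneration_triggered": regen,
    }

if __name__ == "__main__":
    for key, value in triage(SAMPLE_LOG).items():
        print(f"{key}: {value}")
```

On the quoted log, all four attempts (by IP and by hostname, over `wss` and `ssl`) fail server-certificate verification, so the failure is not specific to one broker, which fits the interception explanation in the reply.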
