Forum Discussion

aniketvpandey's avatar
aniketvpandey
Copper Contributor
Aug 07, 2020

Azure ATP sensor : Could not create SSL/TLS secure channel

Hi All,   I have multiple DC on which Azure ATP sensor is working fine, however on one of Domain controller 2008 R2 server it is throwing below error   Error ExceptionHandler Microsoft.Tri.Infras...
EliOfek's avatar
EliOfek
Icon for Microsoft rankMicrosoft
Aug 07, 2020

aniketvpandey something is blocking proper TLS communication on localhost between the sensor process and the updater process.

 

  • aniketvpandey's avatar
    aniketvpandey
    Copper Contributor
    Aug 08, 2020

    EliOfek thanks for your advise, anything you would like to advise, it was working before?

     

    I have checked TLS 1.2 enabled

    • EliOfek's avatar
      EliOfek
      Icon for Microsoft rankMicrosoft
      Aug 08, 2020

      aniketvpandey 

       

      The TLS communication is on localhost :444, any chance there is a new FW rule that cause issues?

       

      Some of the cases we know about were resolved by making sure these registry values are set to 0 (1 is not the default)

       

      [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL]

      "DisableRenegoOnServer"=dword:00000001

      "DisableRenegoOnClient"=dword:00000001

       

      Was ADFS installed on this machine by any chance?

       

       

      • Sebastien65's avatar
        Sebastien65
        Copper Contributor
        Apr 13, 2022

        EliOfek 

        Hello,
        I have the same problem on ADFS Sensor. It's Windows server 2019.
        I didn't have problem on the Domain Controller just on ADFS.

         

        The service Update is running but not the service AATPSensor. It just starting again and again.

        Can you help me?

         

        Error:

        2022-04-13 08:03:19.6535 Error ExceptionHandler Microsoft.Tri.Infrastructure.ExtendedException: RestrictCpuAsync failed, exiting ---> System.Net.Http.HttpRequestException: An error occurred while sending the request. ---> System.Net.WebException: The request was aborted: Could not create SSL/TLS secure channel.
        at Stream System.Net.HttpWebRequest.EndGetRequestStream(IAsyncResult asyncResult, out TransportContext context)
        at void System.Net.Http.HttpClientHandler.GetRequestStreamCallback(IAsyncResult ar)
        --- End of inner exception stack trace ---
        at async Task<HttpResponseMessage> System.Net.Http.HttpClient.FinishSendAsyncBuffered(Task<HttpResponseMessage> sendTask, HttpRequestMessage request, CancellationTokenSource cts, bool disposeCts)
        at async Task<TResponse> Microsoft.Tri.Common.CommunicationWebClient.SendAsync<TResponse>(byte[] requestBytes, int offset, int count)
        at async Task<TResponse> Microsoft.Tri.Common.CommunicationWebClient.SendWithRetryAsync<TResponse>(byte[] requestBytes, int offset, int count)
        at async Task Microsoft.Tri.Common.CommunicationWebClient.SendAsync(IVoidRequest request)
        at async Task Microsoft.Tri.Sensor.Common.ServiceProxy<TWebClientConfiguration>.SendAsync(IVoidRequest request)
        at async Task Microsoft.Tri.Sensor.SensorResourceManager.RestrictCpuAsync()
        --- End of inner exception stack trace ---

         

Resources