Contents x
    Deployment failures due to CRL Validation
      • Print
      • Dark
        Light
      • PDF
      Contents

      Deployment failures due to CRL Validation

        • Print
        • Dark
          Light
        • PDF
        Article Summary

        ControlUp Agents

        Issue

        Installing the ControlUp Agent fails with a timeout (screenshot)

        Timeout error

        An error occured while trying to start remote service. Service Request Timeout

        After installing the ControlUp Agent or upgrading from a previous version, the Real-Time Console may experience difficulties reconnecting to remote agents in environments without internet access.
        image.png

        Cause

        The Agent issues CRL authentication (click here for more information) to the internet to validate the certificate and the session times out (internet unreachable.)

        Traced packets can revel connection attempt to cacerts.digicert.com

        Known IP addresses:

        • 104.16.238.184
        • 104.16.239.184
        • 104.16.237.184
        • 104.16.241.184
        • 104.16.240.184
        • crl3.digicert.com - aka: cs9.wac.phicdn.net IP: 72.21.91.29
        • crl4.digicert.com - aka: rvip1.ue.cachefly.net IP: 66.225.197.197

        Suggested Solution

        To update CTL, follow the instructions here:

        Microsoft Trusted Root Certificate Program Updates
        Microsoft Support downloadable packages

        The suggested workaround for this issue is to bypass the agent's need to verify the digital signature or to update trusted and disallowed CTLs in disconnected environments in Windows.

        To manually apply the workaround for this issue: (A text file is downloadable below ready for use.)

        1. Go to C:\Program Files\Smart-X\ControlUpAgent\Version 7.1.0.124
        2. On the remote machine create a text file and name it: cuAgent.exe.config with the following content:
        <?xml version="1.0" encoding="utf-8">
<configuration>
<runtime>
<generatePublisherEvidence enabled="false"/>
</runtime>
</configuration>

        A text file is downloadable below ready for use:

        cuAgent.exe.config

        ControlUp Monitors

        Issue

        Installing the ControlUp Monitor fails with timeout (screenshot)

        Timeout error

        Failed to start ControlUp Monitor Service. An error occurred while trying to start remote service. Service Request Timeout.

        After installation of ControlUp Monitor or when upgrading from a previous version, the installation of the Monitor can fail to validate the certificate in environments without access to the internet.

        Example:
        360000185049image002.png

        Cause

        The Monitor issues CRL authentication (click here for more information) to the internet in order to validate the certificate and the session times out (internet unreachable.)

        Traced packets can revel connection attempt to cacerts.digicert.com

        Known IP addresses:

        • 104.16.238.184
        • 104.16.239.184
        • 104.16.237.184
        • 104.16.241.184
        • 104.16.240.184
        • crl3.digicert.com - aka: cs9.wac.phicdn.net IP: 72.21.91.29
        • crl4.digicert.com - aka: rvip1.ue.cachefly.net IP: 66.225.197.197

        **Suggested Solution

        To update CTL follow instructions here:

        The suggested workaround to this issue it to bypass the Monitor need to verify the digital signature or update trusted and disallowed CTLs in disconnected environments in Windows.
        To manually apply the workaround for this issue: (A text file is downloadable below ready for use.)

        1. Go to C:\Program Files\ControlUpMonitor\7.0.2.11
        2. On the remote machine, create a notepad file and name it: cuMonitor.exe.config with the following text:
        <xml version="1.0" encoding="utf-8"?>
<configuration>
<runtime>
<generatePublisherEvidence enabled="false"/>
</runtime>
</configuration>
        Was this article helpful?
        What's Next