The Issue:
Installing the ControlUp Monitor fails with timeout (screenshot)
After installation of ControlUp Monitor or when upgrading from a previous version, installation of the Monitor can fail to validate the certificate in environments without access to the internet.
Example:
The Cause:
The Monitor issues CRL authentication (click here for more information) to the internet in order to validate the certificate and the session times out (internet unreachable.)
Traced packets can revel connection attempt to cacerts.digicert.com
Known IP addresses: 104.16.238.184, 104.16.239.184, 104.16.237.184, 104.16.241.184, 104.16.240.184
crl3.digicert.com - aka: cs9.wac.phicdn.net IP: 72.21.91.29 crl4.digicert.com - aka: rvip1.ue.cachefly.net IP: 66.225.197.197
Suggested Solution:
To update CTL follow instructions here:
- Microsoft Trusted Root Certificate Program Updates
- Microsoft Support downloadable packages
- How to update step by step guide
The suggested workaround to this issue it to bypass the Monitor need to verify the digital signature or update trusted and disallowed CTLs in disconnected environments in Windows.
To manually apply the workaround for this issue: (A text file is downloadable below ready for use.)
- Go to -> C:\program files\controlup monitor\7.0.2.11
- on the remote machine create a notepad file and name it: cuMonitor.exe.config with the following text:
<?xml version="1.0" encoding="utf-8"?>
<configuration>
<runtime>
<generatePublisherEvidence enabled="false"/>
</runtime>
</configuration>
*To view similar issue with installing the Agent click here to view the article.