Project

General

Profile

TLS handshake failed

Added by Henry Depu over 7 years ago

Hi,

I want to create a custom python sensor and register it at my prelude manager. The sensor and manager are running on different machines. Everytime I try to register, I get the error message of a failed TLS handshake.
I even tried to run and register your python example at https://www.prelude-siem.org/projects/prelude/wiki/DevelAgentBuilding on the same machine as the manager, but I got the same error:

root@debian770:~# prelude-manager
11 Aug 17:58:17 (process:2287) INFO: Subscribing Normalize to active decoding plugins.
11 Aug 17:58:17 (process:2287) INFO: server started (listening on 172.16.15.116 port 5553).
11 Aug 17:58:17 (process:2287) INFO: Subscribing db[default] to active reporting plugins.
11 Aug 17:58:21 (process:2287) WARNING: [172.16.15.116:49611]: TLS error: Could not negotiate a supported cipher suite..
11 Aug 17:58:21 (process:2287) INFO: [172.16.15.116:49611]: closing connection.

root@debian770:~# prelude-admin register "MySensor" "idmef:w" 172.16.15.116:5553 --uid 1000 --gid 1000

You now need to start "prelude-admin" registration-server on 172.16.15.116:5553:
example: "prelude-admin registration-server prelude-manager" 

Enter the one-shot password provided on 172.16.15.116:5553:
Confirm the one-shot password provided on 172.16.15.116:5553:

Connecting to registration server (172.16.15.116:5553)...

GnuTLS handshake failed: Handshake failed.

Do you have any idea how to solve this?


Replies (2)

RE: TLS handshake failed - Added by Antoine LUONG over 7 years ago

Hello,

Can you please post the output of the registration-server command you typed?

Regards

RE: TLS handshake failed - Added by Henry Depu over 7 years ago

Thank you for your qick reply.
I remembered the "prelude-admin registration-server prelude-manager" call wrong and didn't read the manual right.
After following the given instructions everything is working fine and my problem is therefore solved.

Sry for bothering you.

    (1-2/2)