TLS handshake failed
Added by Henry Depu about 8 years ago
Hi,
I want to create a custom python sensor and register it at my prelude manager. The sensor and manager are running on different machines. Everytime I try to register, I get the error message of a failed TLS handshake.
I even tried to run and register your python example at https://www.prelude-siem.org/projects/prelude/wiki/DevelAgentBuilding on the same machine as the manager, but I got the same error:
root@debian770:~# prelude-manager 11 Aug 17:58:17 (process:2287) INFO: Subscribing Normalize to active decoding plugins. 11 Aug 17:58:17 (process:2287) INFO: server started (listening on 172.16.15.116 port 5553). 11 Aug 17:58:17 (process:2287) INFO: Subscribing db[default] to active reporting plugins. 11 Aug 17:58:21 (process:2287) WARNING: [172.16.15.116:49611]: TLS error: Could not negotiate a supported cipher suite.. 11 Aug 17:58:21 (process:2287) INFO: [172.16.15.116:49611]: closing connection.
root@debian770:~# prelude-admin register "MySensor" "idmef:w" 172.16.15.116:5553 --uid 1000 --gid 1000 You now need to start "prelude-admin" registration-server on 172.16.15.116:5553: example: "prelude-admin registration-server prelude-manager" Enter the one-shot password provided on 172.16.15.116:5553: Confirm the one-shot password provided on 172.16.15.116:5553: Connecting to registration server (172.16.15.116:5553)... GnuTLS handshake failed: Handshake failed.
Do you have any idea how to solve this?
Replies (2)
RE: TLS handshake failed - Added by Antoine LUONG about 8 years ago
Hello,
Can you please post the output of the registration-server command you typed?
Regards
RE: TLS handshake failed - Added by Henry Depu about 8 years ago
Thank you for your qick reply.
I remembered the "prelude-admin registration-server prelude-manager" call wrong and didn't read the manual right.
After following the given instructions everything is working fine and my problem is therefore solved.
Sry for bothering you.