Error "Can't download file 'SSL protocol not supported.'" for 'download now' command

Teeravut · September 30, 2021, 10:01am

Hi,

I want to use ‘download now’ Action Script command to download file on internet from client side and got the error Command failed (Can’t download file ‘SSL protocol not supported.’) download now. I tried to trace and found that some websites I could download but some websites I could not download. It seems the BigFix still connect with TLS v1 that failed connecting on some website that restrict using only TLS v1.2. Are there anyone can help me find the way solve this issue to enforce BigFix connect to website using TLS v1.2?

if we do following this https://help.hcltechsw.com/bigfix/10.0/platform/Platform/Installation/c_security_settings.html?hl=enhanced%2Csecurity that require to use SHA256 instead of SHA1, it’ll impact with existing created tasks. And I don’t sure that it’ll solve my issue or not?

Thanks.

JasonWalker · September 30, 2021, 10:02am

Is this a download link you can share?

straffin · February 27, 2023, 8:58pm

@JasonWalker - The OP seems to have disappeared, but I’m now having this problem as well.

Action script:
download now "https://oitde-files.oit.duke.edu/ts9hres4sf/CrowdStrike/cswindiag.exe.sha256"

Log Results:
At 15:19:45 -0500 - actionsite (http://bf01.aas.duke.edu:52311/cgi-bin/bfgather.exe/actionsite) Command failed (Can't download file 'SSL protocol not supported.') download now "https://oitde-files.oit.duke.edu/ts9hres4sf/CrowdStrike/cswindiag.exe.sha256" (action:117576261)

Oddly enough, I also received a similar error just before this:
At 15:19:45 -0500 - Error posting report to: 'http://oit-bfrel-pap4.win.duke.edu:52311/cgi-bin/bfenterprise/PostResults.exe' (SSL protocol not supported.)

Related?

JasonWalker · February 27, 2023, 9:01pm

Is your root server at 10.0.8, and is it using a custom certificate for REST API? I think it could be related to BigFix 10.0.8 | Upgraded from 10.0.5 - with Internal CA SSL Certificate - The BigFix Client on the Root Server showing the following error: Error " RegisterOnce: Relay does not support secure registration."

JasonWalker · February 27, 2023, 9:02pm

Better link and KB articles at BigFix platform 10.0.8 - Client registration issue

straffin · February 27, 2023, 9:12pm

Will check them out… thanks!