We’ve enabled the DISA STIG Checklist for Windows 7, but the site seems to hang before gathering data from sync.bigifix server. Any leads on troubleshooting this?
They still haven’t fixed it! Or I should say they fixed it one time, and then let it break again.
Go into the relay diagnostics and see what the error says. I am willing to bet it will be the same error we are having, Error Message: 31: class NoAuthorizedSignature (class X509VerifyError<20>).
I have put a PMR in for IBM to fix this in the past, and they fixed it that time. But it appears that the fix did not get put into production as the error is back. Perhaps a new PMR should be opened.
I’ve tried this on BES platform ver 9.5.2.56 Console and I could see this site gathered successfully in GatherDB
Mon, 13 Mar 2017 14:57:47 -0700 – Beginning import of version 28 of site DISA STIG Checklist for Windows 7
Mon, 13 Mar 2017 14:58:30 -0700 – Import of version 28 of site DISA STIG Checklist for Windows 7 completed successfully
Can you please share the BES Client log and GatherDB log if possible from the BES Server machine
Will look into the details of the PMR you mentioned as well
Wed, 15 Mar 2017 04:13:52 -0400 – Unexpected exception during gather of site DISA STIG Checklist for Windows 7: Unexpected HTTP response: 404
Wed, 15 Mar 2017 05:15:42 -0400 – Beginning import of version 1010 of site Updates for Windows Applications
Wed, 15 Mar 2017 05:18:27 -0400 – Import of version 1010 of site Updates for Windows Applications completed successfully
Wed, 15 Mar 2017 05:18:58 -0400 – Unexpected exception during gather of site DISA STIG Checklist for Windows 7: Unexpected HTTP response: 404
Wed, 15 Mar 2017 06:20:48 -0400 – Unexpected exception during gather of site DISA STIG Checklist for Windows 7: Unexpected HTTP response: 404
Wed, 15 Mar 2017 07:22:41 -0400 – Unexpected exception during gather of site DISA STIG Checklist for Windows 7: Unexpected HTTP response: 404
Wed, 15 Mar 2017 08:24:30 -0400 – Unexpected exception during gather of site DISA STIG Checklist for Windows 7: Unexpected HTTP response: 404
Wed, 15 Mar 2017 09:28:21 -0400 – Beginning import of version 2708 of site Enterprise Security
Wed, 15 Mar 2017 09:39:46 -0400 – Import of version 2708 of site Enterprise Security completed successfully
Wed, 15 Mar 2017 09:40:26 -0400 – Unexpected exception during gather of site DISA STIG Checklist for Windows 7: Unexpected HTTP response: 404
Wed,
In my case, I newly turned on the DISA STIG Checklist for Win 7 and it started with the NoAuthorizedSignature issues after trying the first AirgapResponse import.
I have another server running the DISA STIG checkist for win 7 with no issues.
I have a PMR open 24111,082,000. I would appreciate it if you could look at the PMR, because LVL 2 wants me to turn McAfee AV off which we cannot do in this Air Gapped environment. So its blocking progress through IBM Support.
Propagated a new version of this site ( DISA STIG Checklist for Windows 7)
The new site ver is 30
Changelist:
Used an updated cert file to propagate the site and the site now gathers well both in a SHA 256 or a SHA1 environments on different versions of BES
Here are some details from GatherDB log
Wed, 15 Mar 2017 17:54:29 -0700 – Beginning import of version 30 of site DISA STIG Checklist for Windows 7
Wed, 15 Mar 2017 17:57:07 -0700 – Import of version 30 of site DISA STIG Checklist for Windows 7 completed successfully
This issue should be resolved now…
Please let us know if you are still seeing any issues with gathering of this site…
Thanks Dave for letting us know that this site gather is working good for you now…
And also thanks for sharing the log details and for your help in troubleshooting it and also for creating a Forum topic…