Introducing SOC Insights for BloxOne Threat Defense: Boost your SOC efficiency with AI-driven insights to eliminate manual work and accelerate investigation and response times. Read the blog announcement here.

Azure

Reply

Azure Discovery

New Member
Posts: 2
7886     2

I am using the "Azure_vNIOS_Install.pdf" guide to set up a demo for a customer. I have a single Ubunti vm running in Azure. I have successfully created a vDiscovery job with Service Endpoint, Client ID and Client Secret details. The vDiscovery job runs without error but does not report anything. In the syslog I see Number of TENANT, Number of VM etc all at 0.

 

There is a subsequent section in the guide "Adding vDiscovery Application as a New User". I don't believe that I have done that but the screen shots in the guide do not match what I see in the Azure portal.

 

Any help would be appreciated.

Re: Azure Discovery

Superuser
Posts: 65
7886     2

There have been some changes to this in the Azure Portal since that guide was published. Please take a look at the new Deployment Guide: Deploy vNIOS in Azure Using ARM Templates. The section on Infoblox vDiscovery for Azure has updated screenshots and step-by-step guidance on App Registration and assigning permissions.

Re: Azure Discovery 60, 'SSL certificate problem'

[ Edited ]
New Member
Posts: 1
7886     2

I have not been capable to launch this service correctly for several days,
it's not mentioned anywhere in the Azure-infoblox-vnios-deployment-guide


Error while running the job: The job has failed. If the "ERROR: PycURL error: (60, 'SSL certificate problem: unable to get local issuer certificate')" error message is displayed, it means that the certificate has expired or is invalid.

I need to remove the expired or invalid certificate and upload a new one but how ?

 

<span id="id1af" class="ib-cdiscovery-status-error-icon" 
title="initialize or call AZURE cdiscovery driver ERROR:
PycURL error: (60, 'SSL certificate problem: unable to get local issuer certificate')
ret=DRIVER_ERROR">
Error while running Job</span>

 

Re: Azure Discovery 60, 'SSL certificate problem'

Superuser
Posts: 65
7886     2
To add the new certificates, go to the URL of your OAuth token endpoint, for example: https://login.microsoftonline.com/<tenant_id>/oauth2/token. The <tenant_id> will be your Azure tenant ID. From that site, download the intermediate and root certificates; you should end up with files like: stamp2-login-microsoftonline-com.pem. 
 
In your Infoblox Grid Manager UI, go to the Grid - Grid Manager tab. In the toolbar, open the Certificates dropdown and select Manage CA Certificates. In the CA Certificates dialog that opens, click the + button and upload both the new certificates.

Re: Azure Discovery 60, 'SSL certificate problem'

Authority
Posts: 33
7886     2

Is there any other possible cause for this error? Continuing to see it after adding the Intermediate and Root certs.

Re: Azure Discovery 60, 'SSL certificate problem'

Superuser
Posts: 65
7886     2

I have been seeing this issue again lately. There have been some additional certificate changes on Microsoft's side.You will need to get a copy of the “Digicert Global Root CA” root CA certificate and load it into NIOS. The needed root CA certificate is available from the following web page: 

  https://www.digicert.com/kb/digicert-root-certificates.htm 

The specific root CA certificate is at the following URL (in PEM format): 

  https://cacerts.digicert.com/DigiCertGlobalRootG2.crt.pem 

Showing results for 
Search instead for 
Did you mean: 

Recommended for You