Thread Info
  • State Verified Answer
  • Locked Locked
  • Replies 1 reply
  • Subscribers 12 subscribers
  • Views 9411 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Heartbeat 1.15.1122.0 Error: Standard exception: use_private_key: unsupported - no Heartbeat

LHerzog

Heartbeat is becoming my best friend.

Yesterday I identified a Windows Server that had no heartbeat due to expired certificates. I reinstalled the agent and all was fine.

Later the endpoint updated the heartbeat component from 1.15.835.0 to 1.15.1122.0 and since then, it does no longer appear with heartbeat on the firewall again.

I have never seen that error message - any suggestions on that? Standard exception: use_private_key: unsupported - no Heartbeat

I have not found a use_private_key in the HBT config or xml files on the client.

Client HBT Log:

2023-11-06T17:51:49.306Z [ 1876: 2072] A Starting Heartbeat version 1.15.835.0
2023-11-06T17:51:49.307Z [ 1876: 2072] A ----------------------------------------------------------------------------------------------------
2023-11-06T17:51:49.339Z [ 1876: 2212] A Connection succeeded.
2023-11-06T17:51:49.341Z [ 1876: 2212] A Connected to 'ed98a5bf-xxxx-xxxx-xxxx-xxxxxx13f1b' at IP address 52.5.76.173 on port 8347
2023-11-06T17:51:52.417Z [ 1876: 2216] A Inactive Interfaces changed.
2023-11-06T17:51:52.418Z [ 1876: 2216] A Active Interfaces:
MAC: 00:50:56:85:3C:53 - INET: 172.16.xxx.xxx - INET6: fe80::xxxx:xxxx:xxxx:2764
2023-11-06T17:51:52.435Z [ 1876: 2212] A Sending network status
2023-11-06T17:51:52.438Z [ 1876: 2212] A The network status has changed, the Firewall may disconnect.
2023-11-06T17:51:52.454Z [ 1876: 2212] A Received request to enable enhanced application control
2023-11-06T17:51:52.455Z [ 1876: 2212] A Sending endpoint state list request
2023-11-06T17:51:52.638Z [ 1876: 2212] A Received response to endpoint state list request, size: 1
2023-11-06T17:51:53.240Z [ 1876: 2212] A Sending login status.
2023-11-06T17:51:53.241Z [ 1876: 2212] A User: Server
2023-11-06T17:52:06.424Z [ 1876: 2212] A Sending health status: {"admin":1,"health":3,"service":3,"threat":1,"threatService":1}
2023-11-06T17:52:06.431Z [ 1876: 2212] A Received notification of endpoint state changes, size: 1
2023-11-06T17:55:06.687Z [ 1876: 2212] A Sending health status: {"admin":1,"health":1,"service":1,"threat":1,"threatService":1}
2023-11-06T17:55:06.695Z [ 1876: 2212] A Received notification of endpoint state changes, size: 1
2023-11-06T18:03:42.400Z [ 1876: 2212] A Received notification of endpoint state changes, size: 1
2023-11-06T18:03:57.401Z [ 1876: 2212] A Received notification of endpoint state changes, size: 1
2023-11-06T18:12:12.891Z [ 1876: 2212] A Received notification of endpoint state changes, size: 1
2023-11-06T18:21:35.842Z [ 1876: 2212] A Received notification of endpoint state changes, size: 1
2023-11-06T18:39:40.870Z [ 1876: 2212] A Received notification of endpoint state changes, size: 1
2023-11-06T18:59:19.192Z [ 1876: 2072] A ----------------------------------------------------------------------------------------------------
2023-11-06T18:59:19.193Z [ 1876: 2072] A Stopped Heartbeat
2023-11-06T18:59:19.194Z [ 1876: 2072] A ----------------------------------------------------------------------------------------------------
2023-11-06T18:59:22.682Z [ 2448: 6420] A ----------------------------------------------------------------------------------------------------
2023-11-06T18:59:22.683Z [ 2448: 6420] A Starting Heartbeat version 1.15.1122.0
2023-11-06T18:59:22.683Z [ 2448: 6420] A ----------------------------------------------------------------------------------------------------
2023-11-06T18:59:22.695Z [ 2448: 2176] E Standard exception: use_private_key: unsupported
2023-11-06T18:59:37.707Z [ 2448: 2176] E Standard exception: use_private_key: unsupported
2023-11-06T18:59:52.724Z [ 2448: 2176] E Standard exception: use_private_key: unsupported
2023-11-06T19:00:07.742Z [ 2448: 2176] E Standard exception: use_private_key: unsupported
2023-11-06T19:00:22.757Z [ 2448: 2176] E Standard exception: use_private_key: unsupported
2023-11-06T19:00:37.764Z [ 2448: 2176] E Standard exception: use_private_key: unsupported
...
2023-11-07T08:32:51.089Z [ 2448: 2176] E Standard exception: use_private_key: unsupported
2023-11-07T08:33:06.106Z [ 2448: 2176] E Standard exception: use_private_key: unsupported

2023-11-07T08:38:12.205Z [ 2448: 7076] A Log level changed to Debug (was Error): config read from SOFTWARE\Sophos\Logging\NTP
2023-11-07T08:38:14.441Z [ 2448: 1212] D Submitting message of type 1, 48 bytes
2023-11-07T08:38:21.445Z [ 2448: 2176] D + ConnectionThreadRunner::Run()
2023-11-07T08:38:21.445Z [ 2448: 2176] D + NotificationQueue::Clear()
2023-11-07T08:38:21.445Z [ 2448: 2176] D - NotificationQueue::Clear()
2023-11-07T08:38:21.445Z [ 2448: 2176] D + OutgoingQueue::Clear()
2023-11-07T08:38:21.445Z [ 2448: 2176] D - OutgoingQueue::Clear()
2023-11-07T08:38:21.445Z [ 2448: 2176] D + StonewallingDataProducer::SetConfigurationData()
2023-11-07T08:38:21.445Z [ 2448: 2176] D - StonewallingDataProducer::SetConfigurationData()
2023-11-07T08:38:21.445Z [ 2448: 2176] D Active UTM ID:
2023-11-07T08:38:21.445Z [ 2448: 2176] D Attempt to connect to IP address 52.5.76.173 on port: 8347
2023-11-07T08:38:21.445Z [ 2448: 2176] D + IoSslClient::Create()
2023-11-07T08:38:21.449Z [ 2448: 2176] D - IoSslClient::Create()
2023-11-07T08:38:21.449Z [ 2448: 2176] D + StonewallingDataConsumer::Notify()
2023-11-07T08:38:21.449Z [ 2448: 7052] D + StonewallingDataConsumer::AsyncNotify()
2023-11-07T08:38:21.449Z [ 2448: 2176] D - StonewallingDataConsumer::Notify()
2023-11-07T08:38:21.449Z [ 2448: 7052] D - StonewallingDataConsumer::AsyncNotify()
2023-11-07T08:38:21.449Z [ 2448: 2176] D + OutgoingClientTemplate<class OutgoingClientInterfaceTemplate<struct EnhancedAppControlRequestData>,class OutgoingConnectorInterfaceTemplate<struct EnhancedAppControlRequestData> >::Notify()
2023-11-07T08:38:21.449Z [ 2448: 7052] D + OutgoingClientTemplate<class OutgoingClientInterfaceTemplate<struct EnhancedAppControlRequestData>,class OutgoingConnectorInterfaceTemplate<struct EnhancedAppControlRequestData> >::AsyncNotify()
2023-11-07T08:38:21.449Z [ 2448: 2176] D - OutgoingClientTemplate<class OutgoingClientInterfaceTemplate<struct EnhancedAppControlRequestData>,class OutgoingConnectorInterfaceTemplate<struct EnhancedAppControlRequestData> >::Notify()
2023-11-07T08:38:21.449Z [ 2448: 7052] D - OutgoingClientTemplate<class OutgoingClientInterfaceTemplate<struct EnhancedAppControlRequestData>,class OutgoingConnectorInterfaceTemplate<struct EnhancedAppControlRequestData> >::AsyncNotify()
2023-11-07T08:38:21.449Z [ 2448: 2176] D + OutgoingClientTemplate<class OutgoingClientInterfaceTemplate<struct UnpackedData<1> >,class OutgoingConnectorInterfaceTemplate<struct UnpackedData<1> > >::Notify()
2023-11-07T08:38:21.449Z [ 2448: 7052] D + OutgoingClientTemplate<class OutgoingClientInterfaceTemplate<struct UnpackedData<1> >,class OutgoingConnectorInterfaceTemplate<struct UnpackedData<1> > >::AsyncNotify()
2023-11-07T08:38:21.449Z [ 2448: 2176] D - OutgoingClientTemplate<class OutgoingClientInterfaceTemplate<struct UnpackedData<1> >,class OutgoingConnectorInterfaceTemplate<struct UnpackedData<1> > >::Notify()
2023-11-07T08:38:21.449Z [ 2448: 7052] D - OutgoingClientTemplate<class OutgoingClientInterfaceTemplate<struct UnpackedData<1> >,class OutgoingConnectorInterfaceTemplate<struct UnpackedData<1> > >::AsyncNotify()
2023-11-07T08:38:21.449Z [ 2448: 2176] D + OutgoingClientTemplate<class OutgoingClientInterfaceTemplate<struct NetworkRequestData>,class OutgoingConnectorInterfaceTemplate<struct NetworkRequestData> >::Notify()
2023-11-07T08:38:21.449Z [ 2448: 7052] D + OutgoingClientTemplate<class OutgoingClientInterfaceTemplate<struct NetworkRequestData>,class OutgoingConnectorInterfaceTemplate<struct NetworkRequestData> >::AsyncNotify()
2023-11-07T08:38:21.449Z [ 2448: 2176] D - OutgoingClientTemplate<class OutgoingClientInterfaceTemplate<struct NetworkRequestData>,class OutgoingConnectorInterfaceTemplate<struct NetworkRequestData> >::Notify()
2023-11-07T08:38:21.449Z [ 2448: 7052] D - OutgoingClientTemplate<class OutgoingClientInterfaceTemplate<struct NetworkRequestData>,class OutgoingConnectorInterfaceTemplate<struct NetworkRequestData> >::AsyncNotify()
2023-11-07T08:38:21.449Z [ 2448: 2176] D + OutgoingClientTemplate<class OutgoingClientInterfaceTemplate<struct LoginRequestData>,class OutgoingConnectorInterfaceTemplate<struct LoginRequestData> >::Notify()
2023-11-07T08:38:21.449Z [ 2448: 7052] D + OutgoingClientTemplate<class OutgoingClientInterfaceTemplate<struct LoginRequestData>,class OutgoingConnectorInterfaceTemplate<struct LoginRequestData> >::AsyncNotify()
2023-11-07T08:38:21.449Z [ 2448: 2176] D - OutgoingClientTemplate<class OutgoingClientInterfaceTemplate<struct LoginRequestData>,class OutgoingConnectorInterfaceTemplate<struct LoginRequestData> >::Notify()
2023-11-07T08:38:21.449Z [ 2448: 7052] D - OutgoingClientTemplate<class OutgoingClientInterfaceTemplate<struct LoginRequestData>,class OutgoingConnectorInterfaceTemplate<struct LoginRequestData> >::AsyncNotify()
2023-11-07T08:38:21.449Z [ 2448: 2176] D - ConnectionThreadRunner::Run()
2023-11-07T08:38:21.449Z [ 2448: 2176] E Standard exception: use_private_key: unsupported
2023-11-07T08:38:29.448Z [ 2448: 1212] D Submitting message of type 1, 48 bytes
2023-11-07T08:38:30.318Z [ 2448: 1212] D Submitting message of type 1, 48 bytes
2023-11-07T08:38:30.524Z [ 2448: 2320] D Submitting message of type 0, 277 bytes
2023-11-07T08:38:36.450Z [ 2448: 2176] D + ConnectionThreadRunner::Run()
2023-11-07T08:38:36.450Z [ 2448: 2176] D + NotificationQueue::Clear()
2023-11-07T08:38:36.450Z [ 2448: 2176] D - NotificationQueue::Clear()
2023-11-07T08:38:36.450Z [ 2448: 2176] D + OutgoingQueue::Clear()
2023-11-07T08:38:36.450Z [ 2448: 2176] D - OutgoingQueue::Clear()
2023-11-07T08:38:36.450Z [ 2448: 2176] D + StonewallingDataProducer::SetConfigurationData()
2023-11-07T08:38:36.450Z [ 2448: 2176] D - StonewallingDataProducer::SetConfigurationData()
2023-11-07T08:38:36.450Z [ 2448: 2176] D Active UTM ID:
2023-11-07T08:38:36.451Z [ 2448: 2176] D Attempt to connect to IP address 52.5.76.173 on port: 8347
2023-11-07T08:38:36.451Z [ 2448: 2176] D + IoSslClient::Create()
2023-11-07T08:38:36.454Z [ 2448: 2176] D - IoSslClient::Create()
2023-11-07T08:38:36.454Z [ 2448: 2176] D + StonewallingDataConsumer::Notify()
2023-11-07T08:38:36.454Z [ 2448: 7052] D + StonewallingDataConsumer::AsyncNotify()
2023-11-07T08:38:36.454Z [ 2448: 2176] D - StonewallingDataConsumer::Notify()
2023-11-07T08:38:36.454Z [ 2448: 7052] D - StonewallingDataConsumer::AsyncNotify()
2023-11-07T08:38:36.454Z [ 2448: 2176] D + OutgoingClientTemplate<class OutgoingClientInterfaceTemplate<struct EnhancedAppControlRequestData>,class OutgoingConnectorInterfaceTemplate<struct EnhancedAppControlRequestData> >::Notify()
2023-11-07T08:38:36.454Z [ 2448: 7052] D + OutgoingClientTemplate<class OutgoingClientInterfaceTemplate<struct EnhancedAppControlRequestData>,class OutgoingConnectorInterfaceTemplate<struct EnhancedAppControlRequestData> >::AsyncNotify()
2023-11-07T08:38:36.454Z [ 2448: 2176] D - OutgoingClientTemplate<class OutgoingClientInterfaceTemplate<struct EnhancedAppControlRequestData>,class OutgoingConnectorInterfaceTemplate<struct EnhancedAppControlRequestData> >::Notify()
2023-11-07T08:38:36.454Z [ 2448: 7052] D - OutgoingClientTemplate<class OutgoingClientInterfaceTemplate<struct EnhancedAppControlRequestData>,class OutgoingConnectorInterfaceTemplate<struct EnhancedAppControlRequestData> >::AsyncNotify()
2023-11-07T08:38:36.454Z [ 2448: 2176] D + OutgoingClientTemplate<class OutgoingClientInterfaceTemplate<struct UnpackedData<1> >,class OutgoingConnectorInterfaceTemplate<struct UnpackedData<1> > >::Notify()
2023-11-07T08:38:36.454Z [ 2448: 7052] D + OutgoingClientTemplate<class OutgoingClientInterfaceTemplate<struct UnpackedData<1> >,class OutgoingConnectorInterfaceTemplate<struct UnpackedData<1> > >::AsyncNotify()
2023-11-07T08:38:36.454Z [ 2448: 2176] D - OutgoingClientTemplate<class OutgoingClientInterfaceTemplate<struct UnpackedData<1> >,class OutgoingConnectorInterfaceTemplate<struct UnpackedData<1> > >::Notify()
2023-11-07T08:38:36.454Z [ 2448: 7052] D - OutgoingClientTemplate<class OutgoingClientInterfaceTemplate<struct UnpackedData<1> >,class OutgoingConnectorInterfaceTemplate<struct UnpackedData<1> > >::AsyncNotify()
2023-11-07T08:38:36.454Z [ 2448: 2176] D + OutgoingClientTemplate<class OutgoingClientInterfaceTemplate<struct NetworkRequestData>,class OutgoingConnectorInterfaceTemplate<struct NetworkRequestData> >::Notify()
2023-11-07T08:38:36.454Z [ 2448: 7052] D + OutgoingClientTemplate<class OutgoingClientInterfaceTemplate<struct NetworkRequestData>,class OutgoingConnectorInterfaceTemplate<struct NetworkRequestData> >::AsyncNotify()
2023-11-07T08:38:36.454Z [ 2448: 2176] D - OutgoingClientTemplate<class OutgoingClientInterfaceTemplate<struct NetworkRequestData>,class OutgoingConnectorInterfaceTemplate<struct NetworkRequestData> >::Notify()
2023-11-07T08:38:36.454Z [ 2448: 7052] D - OutgoingClientTemplate<class OutgoingClientInterfaceTemplate<struct NetworkRequestData>,class OutgoingConnectorInterfaceTemplate<struct NetworkRequestData> >::AsyncNotify()
2023-11-07T08:38:36.454Z [ 2448: 2176] D + OutgoingClientTemplate<class OutgoingClientInterfaceTemplate<struct LoginRequestData>,class OutgoingConnectorInterfaceTemplate<struct LoginRequestData> >::Notify()
2023-11-07T08:38:36.454Z [ 2448: 7052] D + OutgoingClientTemplate<class OutgoingClientInterfaceTemplate<struct LoginRequestData>,class OutgoingConnectorInterfaceTemplate<struct LoginRequestData> >::AsyncNotify()
2023-11-07T08:38:36.454Z [ 2448: 2176] D - OutgoingClientTemplate<class OutgoingClientInterfaceTemplate<struct LoginRequestData>,class OutgoingConnectorInterfaceTemplate<struct LoginRequestData> >::Notify()
2023-11-07T08:38:36.454Z [ 2448: 7052] D - OutgoingClientTemplate<class OutgoingClientInterfaceTemplate<struct LoginRequestData>,class OutgoingConnectorInterfaceTemplate<struct LoginRequestData> >::AsyncNotify()
2023-11-07T08:38:36.454Z [ 2448: 2176] D - ConnectionThreadRunner::Run()
2023-11-07T08:38:36.454Z [ 2448: 2176] E Standard exception: use_private_key: unsupported
2023-11-07T08:38:44.456Z [ 2448: 1212] D Submitting message of type 1, 48 bytes
2023-11-07T08:38:51.456Z [ 2448: 2176] D + ConnectionThreadRunner::Run()
2023-11-07T08:38:51.456Z [ 2448: 2176] D + NotificationQueue::Clear()
2023-11-07T08:38:51.456Z [ 2448: 2176] D - NotificationQueue::Clear()
2023-11-07T08:38:51.456Z [ 2448: 2176] D + OutgoingQueue::Clear()
2023-11-07T08:38:51.456Z [ 2448: 2176] D - OutgoingQueue::Clear()
2023-11-07T08:38:51.456Z [ 2448: 2176] D + StonewallingDataProducer::SetConfigurationData()
2023-11-07T08:38:51.456Z [ 2448: 2176] D - StonewallingDataProducer::SetConfigurationData()
2023-11-07T08:38:51.456Z [ 2448: 2176] D Active UTM ID:
2023-11-07T08:38:51.456Z [ 2448: 2176] D Attempt to connect to IP address 52.5.76.173 on port: 8347
2023-11-07T08:40:24.810Z [ 2448: 7076] A Log level changed to Error (was Debug): config reset to default
...
2023-11-07T08:41:06.506Z [ 2448: 6420] A ----------------------------------------------------------------------------------------------------
2023-11-07T08:41:06.506Z [ 2448: 6420] A Stopped Heartbeat
2023-11-07T08:41:06.507Z [ 2448: 6420] A ----------------------------------------------------------------------------------------------------
2023-11-07T08:41:06.989Z [ 6628: 4848] A ----------------------------------------------------------------------------------------------------
2023-11-07T08:41:06.990Z [ 6628: 4848] A Starting Heartbeat version 1.15.1122.0
2023-11-07T08:41:06.990Z [ 6628: 4848] A ----------------------------------------------------------------------------------------------------
2023-11-07T08:41:07.001Z [ 6628: 6596] E Standard exception: use_private_key: unsupported

FW HBT Log:

XG430_WP02_SFOS 19.5.3 MR-3-Build652 HA-Primary# ipset -L |grep 172.16.xxxx.xxxx
XG430_WP02_SFOS 19.5.3 MR-3-Build652 HA-Primary#


[2023-11-06 17:52:06.444Z] INFO ModuleStatus.cpp[25427]:137 processMessageStatus - Status request received from endpoint: 73a84f61-xxxx-xxxx-xxxx-xxxx8ae31ee8 (172.16.xxx.xxx) health: 3
[2023-11-06 17:55:06.699Z] INFO ModuleStatus.cpp[25427]:137 processMessageStatus - Status request received from endpoint: 73a84f61-xxxx-xxxx-xxxx-xxxx8ae31ee8 (172.16.xxx.xxx) health: 1
[2023-11-06 18:59:19.197Z] INFO EndpointStorage.cpp[25427]:119 endpoint_connectivity_cb - Connectivity changed for <73a84f61-xxxx-xxxx-xxxx-xxxx8ae31ee8>: <1> -> <5>
[2023-11-06 19:04:04.199Z] INFO EndpointStorage.cpp[25427]:119 endpoint_connectivity_cb - Connectivity changed for <73a84f61-xxxx-xxxx-xxxx-xxxx8ae31ee8>: <5> -> <3>



This thread was automatically locked due to age.
  • +1

    fixed by

    Sophos Endpoint and Server - Missing Security Heartbeat on Windows legacy platforms:

    https://support.sophos.com/support/s/article/KB-000045533

    Core Agent  FTS 2023.1.2.9-MR1 Legacy

    FW  HBT Log:

    [2023-11-08 12:04:30.600Z] WARN HBSession.cpp[25427]:344 bufferDisconnectEvent - Incoming connection from 172.16.xxx.xxx failed. SSL error: SSL routines:tls_process_client_certificate certificate verify failed
     (many of these events)
    [2023-11-08 12:04:31.631Z] WARN HBSession.cpp[25427]:344 bufferDisconnectEvent - Incoming connection from 172.16.xxx.xxx failed. SSL error: SSL routines:tls_process_client_certificate certificate verify failed
    [2023-11-08 12:04:32.653Z] INFO HBSession.cpp[25427]:504 logNewSession - New Session: [172.16.xxx.xxx]:25310 connected
    [2023-11-08 12:04:32.659Z] INFO ModuleSacFirst.cpp[25427]:95 sendEacMessage - send EacSwitchRequest to endpoint (IP=172.16.xxx.xxx)
    [2023-11-08 12:04:32.660Z] INFO EpStateListBroker.cpp[25427]:56 markEndpointForUpdates - Endpoint marked for receiving Stonewall updates: 73a84f61-xxxx-xxxx-xxxx-9xxxxxx31ee8(172.16.xxx.xxx)
    [2023-11-08 12:04:37.211Z] INFO ModuleStatus.cpp[25427]:137 processMessageStatus - Status request received from endpoint: 73a84f61-xxxx-xxxx-xxxx-9xxxxxx31ee8 (172.16.xxx.xxx) health: 1

    Client is now using Heartbeat version 1.15.1175.0, which is newer than 1.15.1122.0 (the version with the problem)

Unfiltered HTML
Help Us Improve The Community
Unfiltered HTML