If you have intermittent connection issues between your endpoint and Nebula, it may be due to SSL/TLS trust problems caused by certificate validation failures.
Symptoms
- Error message seen in Event Viewer:
- System.Net.Http.HttpRequestException: An error occurred while sending the request. ---> System.Net.WebException: The underlying connection was closed: Could not establish trust relationship for the SSL/TLS secure channel. ---> System.Security.Authentication.AuthenticationException: The remote certificate is invalid according to the validation procedure.
Environments
- Nebula
- Windows endpoints
Cause
TLS 1.2 might be disabled on the endpoint, or a certificate mismatch could occur due to interference from network devices like firewalls, proxies, or security tools that inspect or modify traffic, causing certificate discrepancies.
Resolution
Make sure TLS 1.2 is enabled on your system or application.
If TLS 1.2 is enabled but the issue continues, switch your DNS server to Google's public DNS at 8.8.8.8 to bypass any possible network interference.