Auth Connector shows green, but all users are showing up as unauthenticated.

<< Back to Knowledge Search



The Auth Connector connection status is green, but all users are showing up as unauthenticated.

The ThreatPulse (cloud) Auth Connector connection status is green (good) and connected in the Portal, but all users display as "Unauthenticated" users.

On the Windows server running the Auth Connector, the following SSL error (triggered by the Auth Connector) was seen in the Windows application event log: 

"The certificate chain was issued by an authority that is not trusted."


After running this command: 

netstat –an | find "443"

There were multiple connections to in TIME_WAIT status.

NOTE: This IP address is one of the portal IP addresses, similar to those described in 000014870

After enabling debug logging for BCCA Auth Connector agent, it was seen that the connection to was successful (in the BCCA debug log), but the connection to the cloud service (IP similar to: was failing with the above certificate error.




To resolve the issue, enter the IP address in the SSL error in a Web browser on the Windows server that is running the Auth Connector. For example:

The full certificate chain is viewed and the intermediate CA certificate is saved to a local file.

Launch Start->Run "mmc" and the Certificates snap-in for the local computer account is added.

The intermediate CA certificate is imported into the Intermediate CA store, and the BCCA agent is restarted.

At this point, all users get authenticated.


Additional Information
Bug Number
InQuira Doc IdKB5105

Article Feedback

Hide Properties
First Published      10/01/2014
Last Modified      10/01/2014
Last Published      10/01/2014
Article Audience
Product      Cloud Authentication Connector
Topic      Errors / Event Logs / Alerts
Article Number      000007980
Was this helpful?
Previous MonthNext Month