|License Type||SaaS & On-Premise|
|Agent Mode||Assess & Protect|
|Main Product Category||.NET Agent|
You're experiencing one or more of the following symptoms:
- The .NET agent doesn't start successfully.
The Contrast Tray and/or .NET agent logs report errors when connecting to the Contrast application:
.NET Agent Windows Service failed to start. The agent cannot connect to TeamServer at: https://app.contrastsecurity.com.
Data from a server with the installed agent doesn't appear in the Contrast interface.
There can be several causes for this error but the end result is that the agent is unable to successfully communicate with the Contrast UI and is therefore unable to continue.
If the error states:
System.Security.Authentication.AuthenticationException: The remote certificate is invalid according to the validation procedure.
then generally it is a failure to recognize the root CA.
If the error states one of the following:
System.Net.WebException: The remote name could not be resolved
Response Code: Unauthorized
Response Code: PreconditionFailed
then there is likely a credential error in the agent's configuration file.
For certificate or CA chain of trust errors, a common issue is that the CA is being replaced during the package inspection of a firewall or proxy server. The steps for troubleshooting and resolving such an issue are the same as are detailed in the following article related to the Java Agent: Java Agent Fails to Connect to Contrast UI: javax.net.ssl.SSLHandshakeException
For other issues, open the .NET agent's configuration file,
contrast_security.yaml, which is located in the agent's working directory (i.e.,
- Verify that the
urlvalue is correct. It should look similar to the following, although will vary if you have an on-premise Contrast UI install:
api:Check the URL can be reached from a normal web browser on the server. If it can't be reached, you should review the network path and related settings between the server and the Contrast application.
- Verify proxy settings. If a normal web browser can connect to Contrast but the agent can't, the agent might be missing the proxy settings required by your network environment. You can configure a proxy using the following settings:
url: <proxy url with port and scheme>
user: <proxy user if required>
pass: <proxy password if required>
auth_type: <proxy auth type if required>
Verify that the values of
api_keyare correct. If the above settings are correct, the API key used by your organization might have changed. Follow these directions to view your current API Key.
More information on the .NET's configuration can be found here. All properties can also be set as environment variables - this is especially useful if it's not possible to store the proxy password in a configuration file.