Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

Qualys connector openning SSL v2/v3 connections

Hello everyone,

We are setting up the Qualys connector for the first time and we have run into an interesting scenario. While attempting to run the qualys_connector.pl script the following messages are displayed:

SSL_connect:before/connect initialization
SSL_connect:SSLv2/v3 write client hello A
SSL_connect:SSLv3 read server hello A
SSL_connect:SSLv3 read server certificate A
SSL_connect:SSLv3 read server key exchange A
SSL_connect:SSLv3 read server done A
SSL_connect:SSLv3 write client key exchange A
SSL_connect:SSLv3 write change cipher spec A
SSL_connect:SSLv3 write finished A
SSL_connect:SSLv3 flush data
SSL_connect:SSLv3 read finished A
Tue Feb 21 10:13:16 2017 [INFO] Launching Report
SSL_connect:before/connect initialization
SSL_connect:SSLv2/v3 write client hello A
SSL_connect:SSLv3 read server hello A
SSL_connect:SSLv3 read server certificate A
SSL_connect:SSLv3 read server key exchange A
SSL_connect:SSLv3 read server done A
SSL_connect:SSLv3 write client key exchange A
SSL_connect:SSLv3 write change cipher spec A
SSL_connect:SSLv3 write finished A
SSL_connect:SSLv3 flush data
SSL_connect:SSLv3 read finished A
Tue Feb 21 10:13:18 2017 [ERROR] Launch response: <?xml version="1.0" encoding=" UTF-8" ?>
<!DOCTYPE SIMPLE_RETURN SYSTEM "https://qualysapi.qualys.com/api/2.0/simple_retu rn.dtd">
<SIMPLE_RETURN>
<RESPONSE>
<DATETIME>2017-02-21T15:13:18Z</DATETIME>
<CODE>1903</CODE>
<TEXT>Missing required parameter(s): report_refs (this report requires a tar get)</TEXT>
</RESPONSE>
</SIMPLE_RETURN>

Understanding that our report is missing parameter (If anyone knows what that is, please let me know), what is also concerning is that the connector is opening a SSL v3 connection to Qualys. Does anyone know how to force the connector to TLS 1.x? I have included details of our environment below.

Host OS: RHEL 7.3

Perl version: v5.16.3

Perl modules installed with versions:

  • IO::Socket::SSL v2.046
  • XML::Simple v2.22
  • XML::Twig v3.52
  • Net::IP v1.26
  • YAML::XS v0.63
  • LWP::UserAgent v 6.19
  • Net::SSL v2.86
1 REPLY
Cisco Employee

This is a supported Host

This is a supported Host Input Connector.  You can open a TAC support case and get help directly from the support team.

Doug

35
Views
0
Helpful
1
Replies