Date: Fri, 29 Mar 2024 15:33:39 +0100 (CET) Message-ID: <2088159929.1356.1711722819059@localhost> Subject: Exported From Confluence MIME-Version: 1.0 Content-Type: multipart/related; boundary="----=_Part_1355_1171440681.1711722819059" ------=_Part_1355_1171440681.1711722819059 Content-Type: text/html; charset=UTF-8 Content-Transfer-Encoding: quoted-printable Content-Location: file:///C:/exported.html
Kiuwan Local Analyzer (KLA) does not start, raising an error message lik= e below:
This error happens when KLA detects that the SSL certificat= e is not the expected from kiuwan.com and it might be a clue= of a Man-In-The-Middle (MITM) attack.
The most common reasons for this problem are:
Check if you are using the latest KLA version. Kiuwan.com may have upgra= ded the SSL certificate and, for some reason, the automatic update mechanis= m is not working.
A clue of this situation is that the error message displays: CN=3DSectigo RSA Domain Validation Secure Se= rver CA
Force an update manually by deleting the following file= s (located at your KLA installation root directory):
In case this solution does not work, delete the current KLA installation= , and download and install the latest version (Download Kiuwan Local Analyzer)
If you are using the Kiuwan Plugin for Jenkins (Jenkins plugin (old)= ), you should only delete the following directories (download and installat= ion of the latest KLA will be automatically done):
Check with your Network Admins that SSL Inspection is being implemented.=
Quite often, network departments implement SSL Inspection to avoid security= threads through SSL encrypted channels.
These solutions lead to the KLA detecting that the SSL channel is not be= ing established with the expected kiuwan.com server. If this happens, it mi= ght think that it's an MITM attack.
A usual clue of this situation is when the log message shows that Certif= icate CN is different from the above value.
If you are sure you are using the latest version of KLA, get in = contact with your Network Department.
Some samples on how to configure SSL inspection in popular proxy/gateway= products:
https://help.zscaler.com/zia/deploying-= ssl-inspection
https://h= elp.zscaler.com/zia/skipping-inspection-traffic-specific-urls-or-cloud-apps=
https://wiki.squid-c=
ache.org/ConfigExamples/Intercept/SslBumpExplicit
https://help.kaspersky.com/KWTS/6.0/en-= US/166244.htm