If customers utilize the Qualys Gateway Service (QGS) for agent communication, WinHTTP 12175, 12152 can be logged in the following two scenarios:
If QGS is enabled for Cache mode but the QGS certificates have not been installed on each of the agent host systems impacted.
If QGS proxy was set up as an https proxy rather than as a http proxy. HTTP 12152 gets logged.
In both scenarios, the following entries can be found in the Cloud Agent log file:
Error: CORE: Unable to communicate with the server. (winhttp code: 12152), The server response cannot be parsed.
Check the following solutions:
Cache Mode requires the certificate of the appliance to be installed on each host with Cloud Agent, that is, to connect through that specific appliance. Check and Follow these steps as mentioned in the Certificates.
You can also choose to add your own certificates to the appliance instead of using the Qualys Common CA or appliance-level certificates. Refer to the Upload Certificates section of Qualys Gateway Service User Guide.
The QGS UI provides the gateway appliance’s certificate (.pem) for download, plus an optional MSI installer to install on Windows hosts.
Note: Use the HTTP prefix for an encrypted connection while configuring the proxy for the Windows agent because to forward HTTPS/TLS encrypted sessions over a tunneled TCP session, Windows Agents use the HTTP CONNECT method. TCP communication through this initial connection is encrypted. For details, refer to HTTP CONNECT Method.
- Qualys Gateway Services User Guide
- Cloud Agent for Windows Installation Guide