FortiSIEM
FortiSIEM provides Security Information and Event Management (SIEM) and User and Entity Behavior Analytics (UEBA)
lucianag22
Staff
Article Id 415864
Description

This article explains how to resolve the following error, which occurs when trying to enable Bitdefender GravityZone endpoint event forwarding to FortiSIEM: {"code":-32602,"message":"Invalid params","data":{"details":"The web server with this URL must support TLS 1.2, at least"}}

Scope

FortiSIEM.
Solution
  1. Verify that each step in the following document has been completed correctly: Bitdefender GravityZone FortiSIEM Configuration.
  2. Verify that the API key is enabled for use with the Bitdefender Public API.
  3. Run the following command to verify the HTTP account added on the FortiSIEM Supervisor or Collector node:

     htpasswd -vb /etc/httpd/accounts/passwds <http user name> <http password>

     The -v option checks the supplied password against the stored entry. The -b option takes the password from the command line, where it is visible to anyone who can see the command.
  4. Add the IP address 35.212.58.191 to the whitelist to allow communication between the Collector or Supervisor node and GravityZone.
  5. The following error is displayed when running the script enableBitDefenderForwardEventsToFortiSIEM.py to enable event forwarding:

     "error":{"code":-32602,"message":"Invalid params","data":{"details":"The web server with this URL must support TLS 1.2, at least"}}

     In this situation, multiple WAN links may be configured in the network to provide Internet access.

  6. Since Bitdefender GravityZone is a cloud-based service, the Supervisor or Collector requires a public IP address to enable event forwarding.
  7. Make sure the script enableBitDefenderForwardEventsToFortiSIEM.py uses a public IP address in the option 'FSIEM Collector/Supervisor IP'. Ensure the node accesses the Internet using the same public IP address: the same public IP must be used for source NAT and destination NAT, on the same WAN link. Verify by running the following command:

     curl ifconfig.me

  8. The output should be the same IP address used in the script. If it is the same and the error still occurs, check with the firewall administrator that the source NAT and destination NAT settings use the proper WAN link.
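
The check in steps 6 to 8 can be scripted before running the enable script. The following is an added example, not part of the Fortinet article or of enableBitDefenderForwardEventsToFortiSIEM.py; the function names and verdict strings are hypothetical. It compares the address entered in 'FSIEM Collector/Supervisor IP' with the node's observed egress address and also rejects addresses from private ranges.

```sh
#!/bin/sh
# Added example: pre-flight check for steps 6-8. Names and verdicts are hypothetical.

# Return 0 if $1 is a syntactically valid dotted-quad IPv4 address.
is_ipv4() {
    case $1 in
        *[!0-9.]*|*..*|.*|*.) return 1 ;;   # only digits and single dots allowed
    esac
    old_ifs=$IFS; IFS=.
    set -- $1                               # split the address into octets
    IFS=$old_ifs
    [ "$#" -eq 4 ] || return 1
    for octet in "$@"; do
        [ "${#octet}" -le 3 ] && [ "$octet" -le 255 ] || return 1
    done
}

# Return 0 if $1 lies in a range that cannot be reached from the Internet:
# RFC 1918, loopback, link-local, or CGNAT 100.64.0.0/10.
is_non_public() {
    case $1 in
        10.*|127.*|192.168.*|169.254.*) return 0 ;;
        172.1[6-9].*|172.2[0-9].*|172.3[01].*) return 0 ;;
        100.6[4-9].*|100.[7-9][0-9].*|100.1[01][0-9].*|100.12[0-7].*) return 0 ;;
    esac
    return 1
}

# $1 = IP entered in the script, $2 = observed egress IP.
# Prints one verdict: OK, INVALID, NOT_PUBLIC or NAT_MISMATCH.
check_forwarding_ip() {
    if ! is_ipv4 "$1" || ! is_ipv4 "$2"; then echo INVALID
    elif is_non_public "$1"; then echo NOT_PUBLIC
    elif [ "$1" != "$2" ]; then echo NAT_MISMATCH
    else echo OK
    fi
}

# On the node: sh check_ip.sh <IP entered in the script>
if [ "$#" -eq 1 ]; then
    egress=$(curl -s --max-time 10 ifconfig.me) || egress=""
    verdict=$(check_forwarding_ip "$1" "$egress")
    echo "configured=$1 egress=${egress:-unknown} verdict=$verdict"
    [ "$verdict" = OK ]
fi
```

A NAT_MISMATCH verdict corresponds to the case in step 8 where the source NAT and destination NAT use different WAN links.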