401 Unauthorized scanning on JFrog Artifactory

401 Unauthorized scanning on JFrog Artifactory

0
Created On 11/18/19 18:24 PM - Last Modified 07/20/22 15:19 PM


Symptom


There may be an issue that appears when trying to scan a publicly accessible JFrog Artifactory when using the JFrog Artifactory version registry settings without credentials. This issue seems to have appeared in version 18.11.

Error messages
In Defend > Vulnerabilities > Registry, you will see an error message that reads something like this in red text under the list of registries:
 
Scanner <scanner_name>: failed to create docker client received status 401 Unauthorized for api
/artifactory/api/system/configuration/webServer, (
"errors" : [(
"status" : 401,
"message" : "Unauthorized"

Environment


Twistlock version: 18.11 or later

Cause


Steps to confirm the issue, if your registry scan settings looks like this, you may see this issue:

edit registry version jfrog artifactory

Resolution


A potential solution for this issue is to change Version to "Docker Registry v2" in the registry scan settings window.

edit registry version docker registry v2
Other users also viewed:
Actions
  • Print
  • Copy Link

    https://knowledgebase.paloaltonetworks.com/KCSArticleDetail?id=kA10g000000PNWwCAO&lang=en_US&refURL=http%3A%2F%2Fknowledgebase.paloaltonetworks.com%2FKCSArticleDetail