This website uses cookies. By clicking Accept, you consent to the use of cookies. Click Here to learn more about how we use cookies.
Accept
Reject
Register Now
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
NetWitness Knowledge Base
Find answers to your questions and identify resolutions for known issues with knowledge base articles written by NetWitness experts.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

How to manually exchange certificates between VLC and LC via the RSA Security Analytics Explore view

Article Number

000002001

Applies To

RSA Product Set: Security Analytics, NetWitness Logs & Packets
RSA Product/Service Type: Log Collector, Virtual Log Collector (VLC)

Issue

How to manually exchange certificates between VLC and LC via the RSA Security Analytics Explore view.

Resolution

If for any reason the certificate exchange between the Virtual Log Collector (VLC) and the Log Collector (LC) does not work properly using the Security Analytics UI, the procedure below may be followed to manually exchange the certificates between those devices via the Explore view.

Adding the VLC's certificate to the LC's trusted list:

  1. In the Security Analytics UI, navigate to Administration -> Devices.
  2. Select the VLC device and click on View -> Explore.
  3. Drill down to event-broker -> ssl in the directory tree in the left pane.
  4. Right-click on ssl and click on Properties.
  5. Select Export from the drop down menu in the lower-right pane.
  6. Click the Send button and copy down the long string that is displayed in the ResponseOutput window.
  7. In the Parameters field, enter details=1 while Export is still selected in the drop down menu and click the Send button.
  8. Copy down the certificate "fingerprint" in the ResponseOutput window.
  9. Navigate back to Administration -> Devices.
  10. Select the LC device and click on View -> Explore.
  11. Drill down to event-broker -> ssl in the directory tree in the left pane.
  12. Right-click on ssl and click on Properties.
  13. Select trust in the drop-down
  14. In the Parameters field, enter the following information:  op=add fingerprint=<VLC certificate fingerprint from step 8> cert=<string from step 6>
  15. Click the Send button.
  16. Verify that the process was successful by entering op=list in the Parameters field and clicking the Send button.  The VLC's certificate should be displayed in the ResponseOutput window.

 Adding the LC's certificate to the VLC's trusted list:

  1. In the Security Analytics UI, navigate to Administration -> Devices.
  2. Select the LC device and click on View -> Explore.
  3. Drill down to event-broker -> ssl in the directory tree in the left pane.
  4. Right-click on ssl and click on Properties.
  5. Select Export from the drop down menu in the lower-right pane.
  6. Click the Send button and copy down the long string that is displayed in the ResponseOutput window.
  7. In the Parameters field, enter details=1 while Export is still selected in the drop down menu and click the Send button.
  8. Copy down the certificate "fingerprint" in the ResponseOutput window.
  9. Navigate back to Administration -> Devices.
  10. Select the VLC device and click on View -> Explore.
  11. Drill down to event-broker -> ssl in the directory tree in the left pane.
  12. Right-click on ssl and click on Properties.
  13. Select trust in the drop-down
  14. In the Parameters field, enter the following information:  op=add fingerprint=<LC certificate fingerprint from step 8> cert=<string from step 6>
  15. Click the Send button.
  16. Verify that the process was successful by entering op=list in the Parameters field and clicking the Send button.  The LC's certificate should be displayed in the ResponseOutput window.

For additional assistance, contact a Log Collection SME.

0 Likes
Was this article helpful? Yes No
No ratings

In this article

Version history
Last update:
‎2022-02-10 12:37 PM
Updated by:
Administrator Administrator

Related Content

© 2022 RSA Security LLC or its affiliates. All rights reserved.