This website uses cookies. By clicking Accept, you consent to the use of cookies. Click Here to learn more about how we use cookies.
Accept
Reject
Register Now
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
NetWitness Knowledge Base
Find answers to your questions and identify resolutions for known issues with knowledge base articles written by NetWitness experts.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

NetWitness Pre Upgrade Checks show Node Cert ID Check Probe Error

Article Number

000003158

Applies To

RSA Product Set: NetWitness Platform
RSA Product/Service Type: All Nodes
RSA Version/Condition: 12.4 or later
 

Issue

NetWitness Pre Upgrade Checks show Node Cert ID Check Probe Error as below.
Image descriptionImage description
 

Cause

This error is due to incorrect CN details in /etc/pki/nw/node/node-cert.pem or node-cert.pem file corruption. This file /etc/pki/nw/node/node-cert.pem should have CN details the same as the minion id in /etc/salt/minion. However, the probe was triggered due to a mismatch of CN and minion id as below.

Image descriptionImage description
 

Resolution

Please resolve the Node Cert ID Check Probe Error using the below steps.

1. If /etc/pki/nw/node/node-cert.pem CN and /etc/salt/minion minion-id mismatch exists, please delete the /etc/pki/nw/node/node-cert.pem file and run the below command. This will regenerate a new file with the correct CN details. 
chef-client -r "recipe[nw-pki]" --config /var/lib/netwitness/config-management/client.rb --json-attributes /etc/netwitness/config-management/node.json

2. Run the following command to determine if node-cert.pem is corrupt or unavailable. 
keytool --printcert -file /etc/pki/nw/node/node-cert.pem 
 If it shows a parse input error as below:
 Image descriptionImage description
Perform the following steps to resolve the issue:
a.    If a backup exists, replace the node-cert.pem with your backup.
b.    If a backup is not available, delete the /etc/pki/nw/node/node-cert.pem file.
c.    Once the file is deleted. Run the following command:
chef-client -r "recipe[nw-pki]" --config /var/lib/netwitness/config-management/client.rb --json-attributes /etc/netwitness/config-management/node.json

 If it shows no such file or directory as below:
 Image descriptionImage description
Perform the following steps to resolve the issue:
a.    If a backup exists, replace the node-cert.pem with your backup.
b.    If a backup is not available, then run the following command:
chef-client -r "recipe[nw-pki]" --config /var/lib/netwitness/config-management/client.rb --json-attributes /etc/netwitness/config-management/node.json



 
0 Likes
Was this article helpful? Yes No
No ratings

In this article

Version history
Last update:
‎2024-01-30 05:24 PM
Updated by:
Administrator Administrator

Related Content

© 2022 RSA Security LLC or its affiliates. All rights reserved.