This website uses cookies. By clicking Accept, you consent to the use of cookies. Click Here to learn more about how we use cookies.
Accept
Reject

NetWitness Community

  • Home
  • Products
    • NetWitness Platform
      • Advisories
      • Documentation
        • Platform Documentation
        • Known Issues
        • Security Fixes
        • Hardware Documentation
        • Threat Content
        • Unified Data Model
        • Videos
      • Downloads
      • Integrations
      • Knowledge Base
    • NetWitness Cloud SIEM
      • Advisories
      • Documentation
      • Knowledge Base
    • NetWitness Detect AI
      • Advisories
      • Documentation
      • Knowledge Base
    • NetWitness Investigator
    • NetWitness Orchestrator
      • Advisories
      • Documentation
      • Knowledge Base
      • Legacy NetWitness Orchestrator
        • Advisories
        • Documentation
  • Community
    • Blog
    • Discussions
    • Events
    • Idea Exchange
  • Support
    • Case Portal
      • Create New Case
      • View My Cases
      • View My Team's Cases
    • Community Support
      • Getting Started
      • News & Announcements
      • Community Support Forum
      • Community Support Articles
    • Product Life Cycle
    • Support Information
    • General Security Advisories
  • Training
    • Blog
    • Certification Program
    • Course Catalog
      • Netwitness XDR
      • EC-Council Training
    • New Product Readiness
    • On-Demand Subscriptions
    • Student Resources
    • Upcoming Events
    • Role-Based Training
  • Technology Partners
  • Trust Center
Sign InRegister Now
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
NetWitness Knowledge Base
Find answers to your questions and identify resolutions for known issues with knowledge base articles written by NetWitness experts.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
  • NetWitness Community
  • Knowledge Base
  • Reissuing security certificates on RSA NetWitness Platform 10.6.x
  • Options
    • Subscribe to RSS Feed
    • Bookmark
    • Subscribe
    • Printer Friendly Page
    • Report Inappropriate Content

The content you are looking for has been archived. View related content below.

Reissuing security certificates on RSA NetWitness Platform 10.6.x

Article Number

000001045

Applies To

RSA Product Set: NetWitness Platform
RSA Product/Service Type: All Appliances
RSA Version/Condition: 10.6.x
Platform: CentOS
O/S Version: 6

Issue

Customers on version 10.6.x or earlier of the RSA NetWitness Platform may have internal platform-issued security certificates that are about to expire or are already expired.

Resolution

Troubleshooting

  • Issue: The following error is displayed on the NetWitness Platform UI while running the certificate renewal script.
ssh: Could not resolve hostname: Name or service not known
exiting; no certificate found and waitforcert is disabled
  • Workaround:
  1. In NetWitness Platform, go to Admin > Hosts.
  2. In Hosts view, select the host and click Enable.
----------------------------------------------------------------------------------------------------------------------------------------------------------------------
  • Issue: The following error is displayed on the NetWitness Platform UI.
Enable Failed: Please click to retry.
  • Workaround
  1. Click the retry button to reattempt the enablement process.
  2. If unsuccessful contact RSA NetWitness Support for further assistance.
----------------------------------------------------------------------------------------------------------------------------------------------------------------------
  • Issue: Certificate is not renewed for the host.
  • Workaround:
  1. SSH to the specific host. Run the puppet agent to check for any error in the host:

# puppet agent -t
  1. If an error is found, fix the error and run the 10-6-cert-renewal.sh script again.
----------------------------------------------------------------------------------------------------------------------------------------------------------------------
  • Issue: Certificate is not renewed for the WLC host.
  • Cause: When you review the log for errors, errors may occur if a WLC is unreachable, or if the IP address, username, or password is incorrect. The script ignores systems that are not WLCs.
  • Workaround:
  1. ?In the wlc-systems file, remove all the entries and add ONLY the details of the WLC hosts whose certificates are not renewed.
  2. Renew the certificates. For more information, see above section Renew certificates that have expired or have not yet expired for Windows Legacy Collector (WLC) hosts.
----------------------------------------------------------------------------------------------------------------------------------------------------------------------
  • Issue: The Windows Legacy Collector is showing a shovel error (red circle) on a Log Collector under the Remote Collectors Tab.
  • Workaround:
    Follow the steps below:
    1. In NetWitness Platform, go to Config > Remote Collectors on any Log Collectors that are pulling from the affected WLC. Select the LC/VLC service to check the state of the shovel.
Tags (12)
  • Customer Support Article
  • KB Article
  • Knowledge Article
  • Knowledge Base
  • NetWitness
  • NetWitness Platform
  • NW
  • RSA NetWitness
  • RSA NetWitness Platform
  • RSA Security Analytics
  • Security Analytics
  • SIEM
0 Likes
Was this article helpful? Yes No
No ratings

In this article

Version history
Last update:
‎2022-02-10 02:33 PM
Updated by:
Administrator nwinfotech Administrator

Related Content

Powered by Khoros
  • Blog
  • Events
  • Discussions
  • Idea Exchange
  • Knowledge Base
  • Case Portal
  • Community Support
  • Product Life Cycle
  • Support Information
  • About the Community
  • Terms & Conditions
  • Privacy Statement
  • Acceptable Use Policy
  • Employee Login
© 2022 RSA Security LLC or its affiliates. All rights reserved.