Troubleshooting

• Issue: The following error is displayed on the NetWitness Platform UI while running the certificate renewal script.

• Workaround:

1. In NetWitness Platform, go to Admin > Hosts.
2. In Hosts view, select the host and click Enable.

• Issue: The following error is displayed on the NetWitness Platform UI.

• Workaround

1. Click the retry button to reattempt the enablement process.
2. If unsuccessful contact RSA NetWitness Support for further assistance.

• Issue: Certificate is not renewed for the host.
• Workaround:

1. SSH to the specific host. Run the puppet agent to check for any error in the host:

# puppet agent -t

2. If an error is found, fix the error and run the 10-6-cert-renewal.sh script again.

• Issue: Certificate is not renewed for the WLC host.
• Cause: When you review the log for errors, errors may occur if a WLC is unreachable, or if the IP address, username, or password is incorrect. The script ignores systems that are not WLCs.
• Workaround:

1. ?In the wlc-systems file, remove all the entries and add ONLY the details of the WLC hosts whose certificates are not renewed.
2. Renew the certificates. For more information, see above section Renew certificates that have expired or have not yet expired for Windows Legacy Collector (WLC) hosts.

----------------------------------------------------------------------------------------------------------------------------------------------------------------------

• Issue: The Windows Legacy Collector is showing a shovel error (red circle) on a Log Collector under the Remote Collectors Tab.
• Workaround:
  Follow the steps below:
  1. In NetWitness Platform, go to Config > Remote Collectors on any Log Collectors that are pulling from the affected WLC. Select the LC/VLC service to check the state of the shovel.