1. Backup then open the certreissue.rb file for editing using the below command:
vi /var/netwitness/config-management/cookbooks/launch/rsa-response/recipes/certreissue.rb
2. Comment the following code:
service_name = node['rsa-response']['service_names'].first
component_name = node['rsa-response']['component_name'
#nw_pki_bootstrap_launch "reissue certs for #{service_name}" do
#service_name service_name
#component_name component_name
#pki_cert_namespace cookbook_name
#use_http false
#only_if { node['packages'][service_name] }
#end
:wq! [To save the file after making the changes.]
3. Type the following commands:
nw-rescue-cert exec-rescue-local -p <deployment_password>
nw-rescue-cert exec-rescue-remote -p <deployment_password>
Note: Make sure cert rescue hotfix is installed on node-x. This is applicable only for 11.5 version.
Reissue the certificate using the following command:
a. Restart respond server service using the following command:
systemctl restart rsa-nw-respond-server
b. Reissue the certificate using the following command:
cert-reissue --host-all
c. (Optional) If step 2 fails, run the following command:
cert-reissue –host-all –skip-health-checks
