This website uses cookies. By clicking Accept, you consent to the use of cookies. Click Here to learn more about how we use cookies.
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for
NetWitness Knowledge Base Archive
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for
- NetWitness Community
- NetWitness Knowledge Base Archive
- RSA Netwitness not able to enable VLC/ Host appliance after changing it's IP Address
-
Options
- Subscribe to RSS Feed
- Bookmark
- Subscribe
- Printer Friendly Page
- Report Inappropriate Content
RSA Netwitness not able to enable VLC/ Host appliance after changing it's IP Address
Article Number
000034148
Applies To
RSA Product Set: Security Analytics
RSA Product/Service Type: SA Security Analytics Server
RSA Version/Condition: 10.5.0.0 and higher releases
Platform: CentOS
RSA Product/Service Type: SA Security Analytics Server
RSA Version/Condition: 10.5.0.0 and higher releases
Platform: CentOS
Issue
- Unable to re-enable/re-provision a host that was provisioned before and got it's IP changed.
- When a host is removed an re-added.
- Host is discovered but failed to be enabled.
- When a host is removed an re-added.
- Host is discovered but failed to be enabled.
Resolution
1- Remove an re-purpose the VLC/host from SA UI.
2- Stop puppet service on VLC, using command: service puppet stop
3- Remove SSL folder under /var/lib/puppet.
4- Remove the old node_id file under /var/lib/puppet.
5- Run ./node_id.py script under /etc/puppet/scripts/node_id.py for creating a new node id.
6- Edit /etc/puppet/puppet.conf file to include the new node_id in "certname" field using the "vi" command.
7- On SA-head server "puppet Master", remove the VLC certificate under:
8- Remove the old VLC node_ID from inventory.txt under
9- On VLC, run "puppet agent -t" for creating a new SSL certs.
10- On SA UI, re-discover the VLC and enable the puppet service on VLC to complete the provisioning.
2- Stop puppet service on VLC, using command: service puppet stop
3- Remove SSL folder under /var/lib/puppet.
4- Remove the old node_id file under /var/lib/puppet.
5- Run ./node_id.py script under /etc/puppet/scripts/node_id.py for creating a new node id.
6- Edit /etc/puppet/puppet.conf file to include the new node_id in "certname" field using the "vi" command.
[root@ldecoder ~]# cat /etc/puppet/puppet.conf
[main]
logdir = /var/log/puppet
rundir = /var/run/puppet
ssldir = $vardir/ssl
certname = new node_id
[agent]
classfile = $vardir/classes.txt
localconfig = $vardir/localconfig
server = puppetmaster.local
7- On SA-head server "puppet Master", remove the VLC certificate under:
/var/lib/puppet/ssl/ca/signed
As an example:
[root@sa-server vars]# cd /var/lib/puppet/ssl/ca/signed
[root@sa-server signed]# ls
13ba7876-5cfe-4de8-9b28-261c5f510e01.pem bd4527ef-b6ea-4d1a-80d4-30c8b1b36d11.pem
4c163d36-600c-4196-9ee3-65c5a91e71de.pem cba7d187-c986-4427-94c0-5ab532468c2a.pem
60547245-3ac3-40c4-8dc6-64f73aee8055.pem ed65d3eb-51fa-489d-8329-a49f322e92ee.pem
8f2aba18-0442-4cc2-97a8-4e50d4be96f0.pem facc4daa-f52d-47b1-9f2b-f74a627ae63f.pem
a4b06090-f50e-4085-a536-97628b00d074.pem
Search by the host node id to find it's old certificate:
[root@sa-server signed]# ll | grep -i 13ba7876-5cfe-4de8-9b28-261c5f510e01
-rw-r--r--. 1 puppet puppet 2009 Mar 1 2016 13ba7876-5cfe-4de8-9b28-261c5f510e01.pem
Then remove it:
[root@sa-server signed]#rm -f 13ba7876-5cfe-4de8-9b28-261c5f510e01.pem
8- Remove the old VLC node_ID from inventory.txt under
/var/lib/puppet/ssl/ca
Use the vi command to edit the file and remove the entry that has the node_id:
[root@sa-server ca]# cat inventory.txt
0x0001 2016-02-22T12:05:56GMT 2021-02-21T12:05:56GMT /CN=Puppet CA: facc4daa-f52d-47b1-9f2b-f74a627ae63f
0x0002 2016-02-22T12:06:00GMT 2021-02-21T12:06:00GMT /CN=facc4daa-f52d-47b1-9f2b-f74a627ae63f
0x0003 2016-02-22T14:51:14GMT 2021-02-21T14:51:14GMT /CN=ed65d3eb-51fa-489d-8329-a49f322e92ee
0x0004 2016-02-23T11:06:36GMT 2021-02-22T11:06:36GMT /CN=60547245-3ac3-40c4-8dc6-64f73aee8055
0x0006 2016-02-29T11:28:56GMT 2021-02-28T11:28:56GMT /CN=4c163d36-600c-4196-9ee3-65c5a91e71de
0x0007 2016-02-29T14:21:30GMT 2021-02-28T14:21:30GMT /CN=8f2aba18-0442-4cc2-97a8-4e50d4be96f0
0x0008 2016-02-29T14:37:49GMT 2021-02-28T14:37:49GMT /CN=bd4527ef-b6ea-4d1a-80d4-30c8b1b36d11
0x0009 2016-02-29T15:16:19GMT 2021-02-28T15:16:19GMT /CN=13ba7876-5cfe-4de8-9b28-261c5f510e01
0x000a 2016-03-08T12:19:46GMT 2021-03-08T12:19:46GMT /CN=cba7d187-c986-4427-94c0-5ab532468c2a
0x000c 2016-07-11T12:58:47GMT 2021-07-11T12:58:47GMT /CN=a4b06090-f50e-4085-a536-97628b00d074
9- On VLC, run "puppet agent -t" for creating a new SSL certs.
10- On SA UI, re-discover the VLC and enable the puppet service on VLC to complete the provisioning.
No ratings
