Article Number
000001538
Applies To
RSA Product Set: NetWitness Endpoint
RSA Product/Service Type: NetWitness Endpoint
RSA Version/Condition: 4.4.x, 4.3.x, 11.x
Platform: Windows
Issue
In order to create an agent, you need agent certificates during the installation process. If the agents have failures with the listed certificates, such as the private key not being exportable, then the following error is seen when clicking Generate Agent:
"Unable to access client certificate, or failed to read its private key"
Cause
This error is caused by either certificate permissions issues, or much more likely, the certificate was imported into the Private certificates store without the two certificates, the Client and Server certificate respectively, having their private key marked as exportable.
The Agent Packager needs the private key to be able to be exported so the agent can properly validate itself to the server; without this, the packager cannot generate an agent.
Resolution
- Go to Run and type MMC in Windows;
- Select File Add/Remove Snap-In and select Certificates
- Click Add>Computer Account>Next>Finish>OK
- Expand Certificates, you should see something like below: