How to resolve the deployment if the deploy_admin password was changed during the upgrade to RSA NetWitness 11.x

Issue

The deploy_admin password changed and now the deployment of core devices are not functioning.

The chef-stacktrace.out file reports the following:

 security-cli-client --sign-cert --in-file /etc/pki/nw/rabbitmq/rabbitmq-server-key.csr --out-file /etc/pki/nw/rabbitmq/rabbitmq-server-cert.pem --chain-file /etc/pki/nw/rabbitmq/rabbitmq-server-cert.chain -u java.lang.IllegalStateException: Service not available!
 
at com.rsa.netwitness.infrastructure.security.client.SecurityApplication.checkServerReady(SecurityApplication.java:286)

Cause

The update uses the deploy_admin password to sign certificates used by rabbitmq. If the deploy_admin password is modified before fully completing the upgrade the configuration file will still have the previously configured deploy_admin password.

Resolution

To resolve the issue, connect to the core device that you are trying to install via SSH and then edit the security-client-amqp.yml file.

 vi /etc/netwitness/security-client/security-client-amqp.yml

Modify the rabbit-pw to the changed deploy_admin password and then re-run the install for the core service.

Notes

Please check the password policy: Admin > Security > Settings tab.

If the password security has increased after setting the deploy_admin password, the password may not comply with the updated password policy and either the password policy or password may need to be updated.

Also, check to make sure the deploy_admin password has not been locked out or expired.

Product Details

RSA Product Set: NetWitness Logs & Network
RSA Product/Service Type: Core Appliance
RSA Version/Condition: 11.x

Summary

Process of modifying the security file containing the deploy_admin password to complete an update.

Approval Reviewer Queue

RSA NetWitness Suite Approval Queue