.png?width=180&height=32&name=NW%20Logo%20(2).png){kind=small}
[REQUEST TO ARCHIVE] Issue with alias name in the RSA Security Analytics Server certificate due to unsupported special characters
Issue
When you create custom Security Analytics server certificates, the alias name of the certificate contains the following characters:[ ] { } ( ) < > or the characters & ! or |.
After the installation from the Security Analytics UI, the Security Analytics server stops to work and no error is available in sa.log.
Cause
The issue seems to be in the alias used for storing the key in the key store. SA code is not handling the special characters in the string in puppet infrastructure.
Workaround
Avoid using these characters in the alias name for the Server Certificate.Or
Refer to the Custom Server Certificate topic in the System Security and User Management guide. (Optional)
Resolution
The fix is included in 10.6.4 and above. The specified special characters will be blocked when applying 'Use As Server Certificate' in Security Analytics UI.
Product Details
RSA Product Set: NetWitness Logs & Packets / Security AnalyticsRSA Product/Service Type: Security Analytics Server, User Interface
RSA Version/Condition: 10.6.x
Platform: CentOS, Jetty9
O/S Version: EL6
Summary
Security Issue.
Approval Reviewer Queue
Technical approval queue