.png?width=180&height=32&name=NW%20Logo%20(2).png){kind=small}
NetWitness 11.x Certificate Popup for Respond Server
Issue
Certificate popup for respond server if respond server certificate is expired when Event Steam Analysis (ESA) is not available in NetWitness Platform stack.Resolution
1. Run the following command on the Admin Server to get the service ID for respond server
cat /etc/netwitness/respond-server/service-id
2. On the Admin Server login to Mongo Database:
mongo admin -u deploy_admin -p <deploy_admin_password>
3. Execute the following commands:
use security-server
db.certificate.find({"_id" : "rsa-nw-respond-server"})
db.certificate.find({"_id" : "<service id of respond server>"})
db.certificate.remove({"_id" : "rsa-nw-respond-server"})
db.certificate.remove({"_id" : "<service id of respond server>"})
exit
db.certificate.find({"_id" : "rsa-nw-respond-server"})
db.certificate.find({"_id" : "<service id of respond server>"})
db.certificate.remove({"_id" : "rsa-nw-respond-server"})
db.certificate.remove({"_id" : "<service id of respond server>"})
exit
Note: Make sure to take the backup of "rsa-nw-respond-server" and "<service id of respond server>" certificate in the local drive or copy the output to the backup location.
4. Restart the jetty service
systemctl restart jetty
Note:
Take a backup of the respond-server-cert under /etc/pki/nw/service
Take a backup of the respond-server-cert under /etc/pki/nw/service
rsa-nw-respond-server-cert.pem
rsa-nw-respond-server.chain
rsa-nw-respond-server.chain
As chef client is failing upgrade expecting rsa-nw-respond-server-cert.pem, please move the cert files back under /vetc/pki/nw/service and retry the upgrade.
Product Details
RSA Product Set: RSA NetWitness PlatformRSA Product/Service Type: Core Appliance
RSA Version/Condition: 11.x
Platform: CentOS
O/S Version: 7
Approval Reviewer Queue
Technical approval queue