RSA Security Analytics Live cannot access cms.netwitness.com with proxy settings
Issue
RSA Security Analytics Live cannot access cms.netwitness.com with proxy settings.
- Bluecoat proxy with NTLM authentication enabled in the environment.
- Configure Proxy settings in SA UI, Administration > System > HTTP Proxy Settings
- Test connection in Live fails.
The /var/lib/netwitness/uax/logs/sa.log file reports errors similar to the following:
com.rsa.netwitness.cms.impl.CmsClientImpl ? peer not authenticated
javax.net.ssl.SSLPeerUnverifiedException : peer not authenticated
Resolution
The Java keystore is used for connections from the SA server to outside hosts. When traffic leaves the SA server through a proxy, the proxy certificate must be imported into the Java keystore on the SA server. To import the proxy certificate:
1. SSH to SA server
2. Back up the keystore
cp /etc/pki/java/cacerts /etc/pki/java/cacerts.backup
3. Move a copy of the .cer from the proxy server onto the SA server and run the following command:
keytool -import -trustcacerts -file <the cert file pathname> -alias <name an alias for the cert> -keystore /etc/pki/java/cacerts -storepass changeit
4. Restart the jetty service
For 10.x
stop jettysrv
start jettysrv
For 11.x
service jetty stop
service jetty start
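Importing the proxy certificate makes the SA server trust every connection the proxy re-signs, so the file should be checked before step 3 and the keystore entry checked after it. The script below is an added example, not part of the original article or an RSA tool: it compares the certificate's SHA-256 fingerprint with a value obtained from the proxy administrators and confirms the alias is unused. The script name, function names and exit codes are hypothetical, and it assumes keytool prints a "SHA256:" fingerprint line.

```shell
#!/bin/sh
# Added example (not RSA's script): fingerprint checks around the keytool import.
KEYSTORE=${KEYSTORE:-/etc/pki/java/cacerts}   # keystore path from the article
STOREPASS=${STOREPASS:-changeit}              # store password from the article

# Normalise a fingerprint to upper-case hex without separators.
normalise_fp() { printf '%s' "$1" | tr -d ': \r\n' | tr 'a-f' 'A-F'; }

# Read `keytool -printcert` or `keytool -list -v` output on stdin, emit the SHA256 value.
sha256_from_keytool() {
    normalise_fp "$(sed -n 's/^[[:space:]]*SHA256:[[:space:]]*//p' | head -n 1)"
}

cert_file_fp() { keytool -printcert -file "$1" 2>/dev/null | sha256_from_keytool; }

keystore_entry_fp() {
    keytool -list -v -alias "$1" -keystore "$KEYSTORE" -storepass "$STOREPASS" 2>/dev/null |
        sha256_from_keytool
}

# check_before_import CERT_FILE EXPECTED_FP ALIAS
# 0 ok to import, 1 fingerprint mismatch, 2 alias already in keystore, 3 unreadable certificate
check_before_import() {
    fp=$(cert_file_fp "$1")
    [ -n "$fp" ] || return 3
    [ "$fp" = "$(normalise_fp "$2")" ] || return 1
    [ -z "$(keystore_entry_fp "$3")" ] || return 2
    return 0
}

# verify_after_import ALIAS EXPECTED_FP: the stored entry must carry the expected fingerprint.
verify_after_import() {
    [ -n "$2" ] && [ "$(keystore_entry_fp "$1")" = "$(normalise_fp "$2")" ]
}

# Usage (hypothetical script name): sh check_proxy_cert.sh <cert file> <expected SHA-256> <alias>
if [ "$#" -eq 3 ]; then
    rc=0; check_before_import "$1" "$2" "$3" || rc=$?
    case "$rc" in
        0) echo "fingerprint matches and alias is free: safe to run keytool -import" ;;
        1) echo "fingerprint mismatch: do not import this file" ;;
        2) echo "alias already present in $KEYSTORE: inspect the entry or pick another alias" ;;
        *) echo "could not read a certificate from $1" ;;
    esac
    exit "$rc"
fi
```

After step 3, sourcing the functions and calling verify_after_import with the same alias and fingerprint confirms that the entry in /etc/pki/java/cacerts is the certificate that was checked.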
Internal Comments
UserName:shurtj8/12/2014 1:50:15 PM - Updated Article
Updated article and made changes to abide by Primus best practices.
Jemma Lee -- 15/Nov/2018
Updated the article with NW11 information and added information about java keystore.
Product Details
RSA Product Set: RSA Security Analytics
RSA Version/Condition: 10.x , 11.x
RSA Live