search
    search
      9 Dec, 2016

      The Roaming Agents Relay client certificate (EcatRelayClient.pfx) and CA certificate (EcatRelayCA.cer) must be imported on the NetWitness Endpoint Console Server system in order to properly encrypt and verify communication with RAR. 

      1. Certificates must be added to the certificate store for the local machine, not the currently logged in user.  To access the certificate store for the local machine, open the Run dialog and execute MMC to open the Management Console.  Under the File menu select Add/Remove Snap-in.
        pastedImage_7.png
      2. Select Certificates from the left pane and click Add
        pastedImage_8.png
      3. Choose Computer account and click Next
        pastedImage_9.png
      4. Choose Local computer and click Finish
        pastedImage_10.png
      5. Click OK to continue
        pastedImage_11.png
      6. You will now be back at the Management Console with the Certificate Management Snap-In added.  First we will import the ECAT RAR client certificate.  Expand the Certificates/Personal Folder.  Right-click on Certificates, select All Tasks/Import
        pastedImage_12.png
      7. This will launch the certificate import wizard.  Click Next at the first window
        pastedImage_18.png
      8. Change the file type to Personal Information Exchange and browse to the directory containing the certificates copied from the RAR server
        pastedImage_19.png
      9. Select the file EcatRelayClient.pfx and click Open
        pastedImage_20.png
      10. Preview your settings and click Next
        pastedImage_21.png
      11. Enter the password chosen when the certificates were initially created on the RAR server and click Next
        pastedImage_22.png
      12. Ensure the certificates are being placed in the Personal Certificate store and click Next
        pastedImage_23.png
      13. Preview your configuration and click Finish
        pastedImage_24.png
      14. You should now see the EcatRelayClient certificate in the Personal Certificate store
        pastedImage_25.png
      15. Next the EcatRelayCA certificate must be added to the system.  Expand the Trusted Root Certificate Authorities folder and right-click on Certificates.  Select All Tasks/Import
        pastedImage_26.png
      16. This will launch the certificate import wizard.  Click Next at the first window
        pastedImage_27.png
      17. Browse to the directory containing the certificates copied from the RAR server.  Select EcatRelayCA.cer and click Open
        pastedImage_28.png
      18. Preview your settings and click Next
        pastedImage_29.png
      19. Ensure the certificates are being placed in the Trusted Root Certificate Authorities Certificate store and click Next
        pastedImage_30.png
      20. Preview your configuration and click Finish
        pastedImage_31.png
      21. Scroll through the list of Certificate Authority certificates and verify the EcatRelayCA certificate is present
        pastedImage_32.png
      Topic:
      0 Comment
        CATEGORIES
        RECENT POST
        Amazon Cloudwatch Event Source Log Configuration Guide
        3 Dec, 2025
        F5 Source Code Breach: Hunting UNC5221's BRICKSTORM with NetWitness
        31 Oct, 2025
        MSAzureGraph Universal Plugin for Microsoft Graph API
        17 Oct, 2025