Skip navigation
All Places > Products > RSA NetWitness Platform > RSA NetWitness Platform Online Documentation > Documents
Log in to create and rate content, and to follow, bookmark, and share content with other members.

Log Collection: Configure Custom Certificates

Document created by RSA Information Design and Development Employee on Apr 23, 2020Last modified by RSA Information Design and Development Employee on Sep 9, 2020
Version 2Show Document
  • View in full screen mode
 

You can configure custom certificates for the syslog listener on Log Collectors. This enables you to put your own trusted certificate in place on the syslog listener for specific event sources, while all other functionality uses the pre-installed certificates.

To configure custom certificates for an event source:

  1. Upload the custom certificate and key files onto the Log Collector or Virtual Log Collector, and save them into a folder. You need to add this path information in step 4 below.

  2. Go to (Admin) > Services, select a Log Collector service and The actions menu  > View > Config.
  3. Select the Event Sources tab, then choose Syslog from the drop-down menu.
  4. Add (or select) a syslog-tcp event source type.
  5. In the Sources pane, add (or edit) a source.

    The Add Source dialog box is displayed.

  6. In the Add Source dialog box, click the Advanced section toggle.

    The Advanced parameters are displayed.

  7. For the Certificate Directory Path, enter the pathname for the folder that contains the certificate files.

    custom certificate event source on Log Collector

    The Log Collector SSL syslog connections will use the logcollector_cert.pem and logcollector_key.pem files in the folder specified.

  8. Press OK to save all parameters that you added or changed.
  9. Restart syslog collection for the changes to take effect.

Note: More than one event source can use the same certificates: for each event source that shares the certificate, specify the same Certificate Directory Path. However, the specified path cannot contain more than one certificate (that is, one cert and one key file). To use a different custom certificate, you must specify a different Certificate Directory Path.

Previous Topic:Configure Certificates
You are here
Table of Contents > Basic Implementation > Configure Custom Certificates

Attachments

    Outcomes