000039341 - How to access RSA NetWitness Core Server REST UI using SSL

Document created by RSA Customer Support Employee on Sep 25, 2020
Version 1Show Document
  • View in full screen mode

Article Content

Article Number000039341
Applies ToRSA Product Set: RSA NetWitness Platform
RSA Product/Service Type: Archiver, LogDecoder, PacketDecoder, Concentrator, Broker
RSA Version/Condition: 11.X
Platform: CentOS
 
IssueBy default all Core service REST UI accessible over http. When vulnerability scans performed, Recommended to use SSL access instead of http.
ResolutionPlease follow one of the below methods to switch from http to https.

Method1:
  1. Please access REST UI using below link depending on which service requires SSL access.
    http://<LogDecoderIP>:50102/rest/config
    http://<BrokerIP>:50103/rest/config
    http://<PacketDecoderIP>:50104/rest/config
    http://<CocnetratorIP>:50105/rest/config
    http://<ArchiverIP>:50108/rest/config

     
  2. Change SSL=on as below and press "Set".
    rest
  3. Restart Core service to take effect the changes using one of the below commands depending on service.
    systemctl restart nwlogdecoder.service
    systemctl restart nwdecoder.service
    systemctl restart nwconcentrator.service
    systemctl restart nwarchiver.service
    systemctl restart nwbroker.service

     
  4. REST UI can be accessed using https instead of http.
Method2:

Please go to the Explore page of Core Sever (LogDecoder,PacketDecoder,Archiver,Broker) and go to rest->config page.

Change ssl=on as below and restart Core service to take effect the changes using the above Step3 commands.
rest
 

Attachments

    Outcomes