|Applies To||RSA Security Analytics|
RSA NetWitness NextGen
RSA NetWitness Decoder
RSA NetWitness Log Decoder
RSA NetWitness Concentrator
RSA NetWitness Hybrid
RSA NetWitness Broker
|Issue||How to Replace Self-Signed SSL Certificates with CA Signed Certificates for Core Device Communication in RSA Security Analytics and RSA NetWitness.|
Private Key Enable Netwitness using third party PKI certificates.
Client requirements may demand replacing the built in self-signed RSA PKI certificates with certificates that are trusted in their environment. Usually this is done to leverage an existing PKI and provide an additional level of trust. The default self-signed certificates are RSA 2048 bit key pairs is described in Appendix-A.
The attached document and instructions assumes NextGen 9.8 in which the NetWitness directory structure is /etc/netwitness/ng. If an older version 9.7 or earlier then you would substitute /etc/netwitness/9.0.
|Notes||These instructions are for configuring a Decoder, Concentrator, Log Decoder, Hybrid or Broker.|
|Legacy Article ID||a68143|