|Applies To||RSA Security Analytics|
|Issue||How to enable SSL communications in RSA Security Analytics|
How do I enable SSL on SA components?
How do I enable SSL communications between the SA head unit and the rest of the components?
Summary: You can enable SSL on SA components to secure communications between SA and its components (concentrator, decoder, etc.). There are two main types of service on which you can enable SSL: the appliance service and the component service (also known as the "REST service" or the "Service").
Section 1: Enable SSL on the appliance service
The appliance service is used to perform general maintenance of the appliance, e.g. collecting log files, setting the NTP server, etc. It listens on port 50106, and you can check that it is communicating properly by looking at device -> system -> "Appliance Service Information". To enable SSL on the appliance service:
1. From administration, select device -> config.
2. Go to the "Appliance Service Configuration" tab.
3. Set "SSL" to "on". Then click "Apply".
4. Under device, go to "System".
5. Select "Shutdown Appliance Service". Enter a message as desired.
6. Under device, go to "Config".
7. In the "General" tab, change "SSL" to "On". Then click "Apply".
Section 2: Enable SSL on the component service (also known as the "REST service" or the "Service")
The REST service handles the rest of the communications, including transmitting data, setting all other configuration, etc. Each SA component has its own REST ports. The typical ones are:
• LogDecoder (50002/50102)
To enable SSL on the REST Service:
8. Under device, go to "System". You can ignore the message "Device not available" for now.
9. Click "Shutdown Service".
10. Enter a message as desired.
11. Wait for 5 minutes, or log in to the SA component (in my case, the decoder) and run the command: tail -f /var/log/messages. Then watch for a message showing that the REST service is SSL enabled.
Note: You can ignore the "SSL handshake failed on port 50106" error for now.
12. Go back to administration -> device.
13. Select the device -> edit.
14. Check "SSL", enter the "Password" and click "Test Connection". Save it once you get a "Test Connection successful" message.
You have now enabled SSL communication between SA and the component. You can now go back to the device -> system to see all the information.
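To confirm the change from another host, the following added example (not part of the original article or of RSA's tooling) attempts a TLS handshake on the ports named in this article and reports the negotiated protocol, cipher and certificate fingerprint. The function names and the port-to-label mapping are assumptions for illustration; adjust the ports to the components you actually run.

```python
import hashlib
import socket
import ssl
import sys

# Ports named in the article. Which of them a given host exposes, and which
# of them are expected to speak SSL after the change, is deployment-specific
# (assumption); edit this mapping as needed.
ARTICLE_PORTS = {"appliance service": 50106,
                 "LogDecoder 50002": 50002,
                 "LogDecoder 50102": 50102}


def probe_tls(host, port, timeout=5.0):
    """Return (state, detail); state is 'tls', 'handshake_failed' or 'unreachable'."""
    # Certificate verification is off on purpose: the probe only answers
    # "does this port negotiate TLS?" and reports the certificate fingerprint
    # so it can be compared out of band with the one on the component.
    ctx = ssl.SSLContext(ssl.PROTOCOL_TLS_CLIENT)
    ctx.check_hostname = False
    ctx.verify_mode = ssl.CERT_NONE
    try:
        raw = socket.create_connection((host, port), timeout=timeout)
    except OSError as exc:
        return ("unreachable", str(exc))
    try:
        with ctx.wrap_socket(raw) as tls:
            der = tls.getpeercert(binary_form=True)
            fp = hashlib.sha256(der).hexdigest() if der else "no certificate"
            return ("tls", f"{tls.version()} {tls.cipher()[0]} cert-sha256={fp}")
    except OSError as exc:
        # Either a plaintext listener (SSL still off) or a TLS version/cipher
        # that this client refuses; the detail string tells the two apart.
        return ("handshake_failed", str(exc))
    finally:
        raw.close()


def check_host(host, ports=ARTICLE_PORTS, timeout=5.0):
    """Probe every labelled port on host; returns {label: (port, state, detail)}."""
    return {label: (port,) + probe_tls(host, port, timeout)
            for label, port in ports.items()}


if __name__ == "__main__":
    if len(sys.argv) != 2:
        sys.exit("usage: probe_sa_ssl.py <component-host>")
    for label, (port, state, detail) in check_host(sys.argv[1]).items():
        print(f"{label:18} {port:5} {state:16} {detail}")
```

A `handshake_failed` result on a port where SSL was just switched on usually means the service has not restarted yet or is still listening in plaintext.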
If you are unsure of any of the steps above or experience any issues, contact RSA Support and quote this article ID for further assistance.
|Legacy Article ID||a64790|