000014870 - DLP Network Events stuck on NW Controller due to expired Java security certificate

Document created by RSA Customer Support Employee on Jun 14, 2016Last modified by RSA Customer Support Employee on Apr 21, 2017
Version 2Show Document
  • View in full screen mode

Article Content

Article Number000014870
Applies ToRSA Data Loss Prevention Suite
Network Controller
IssueDLP Events are stuck on the NW Controller with the significant amounts of xxxxxxxxx.zip files located in either the /opt/rsa/tablus/controller/audit/smtp and /opt/rsa/controller/em/events directories.
CauseJava Security Certificate has expired. / NW Controller Logs contain entry: SSLHandshakeException: java.security.cert.CertificateExpiredException
ResolutionTo reolve this issue, you will need to rebuild SSL certificate on your DLP Network device:
1) Login to the Controller (or other affected Network device)
2) From the tabmenu, select Exit to Shell
3) Type killca to stop all the services
4) CD to /opt/tablus/bin , /opt/rsa/bin
5) In the Bin directory type ./initssl.sh  to rebuild the SSL certificate
6) Type tabservice start to restart all the services
7) Verify that Network Events begin to appear on the EM

Legacy Article IDa52344