000032875 - Port 22 required for RSA SecOps 1.3 SAIM endpoint

Document created by RSA Customer Support Employee on Jun 14, 2016Last modified by RSA Customer Support Employee on Apr 21, 2017
Version 2Show Document
  • View in full screen mode

Article Content

Article Number000032875
Applies ToRSA Product Set: Security Management
RSA Product/Service Type: Security Operations Management (SecOps)
RSA Version/Condition: 1.3
IssueAttempting to create Security Analytics Incident Management (SA IM) endpoint from UCF server to Security Analytics.  The certificate creation is failing.  Here is the error shown in the "connectionManager.log" file:
 
09 Dec 2015 15:58:38,803 | ERROR - SAIMOperations.updateRabbitTrustStore(120) | Failed to connect to SA server SSH.
com.jcraft.jsch.JSchException: java.net.ConnectException: Connection timed out: connect
 at com.jcraft.jsch.Util.createSocket(Util.java:394)
 at com.jcraft.jsch.Session.connect(Session.java:215)
 at com.rsa.vrm.collector.endpoint.archer.SAIMOperations.runCommand(SAIMOperations.java:134)
 at com.rsa.vrm.collector.endpoint.archer.SAIMOperations.updateRabbitTrustStore(SAIMOperations.java:92)
 at com.rsa.vrm.collector.endpoint.archer.SAIMEndpoint.testEndpointConnection(SAIMEndpoint.java:165)
 at com.rsa.vrm.collector.connection.TestEndpointExecutable.execute(TestEndpointExecutable.java:23)
 at com.rsa.vrm.collector.client.CommandLineClient.runExecutables(CommandLineClient.java:151)
 at com.rsa.vrm.collector.client.CommandLineClient.runMenu(CommandLineClient.java:59)
 at com.rsa.vrm.collector.client.CommandLineClient.runMenu(CommandLineClient.java:62)
 at com.rsa.vrm.collector.client.CommandLineClient.run(CommandLineClient.java:37)
 at com.rsa.vrm.collector.client.CommandLineClient.main(CommandLineClient.java:26)
Caused by: java.net.ConnectException: Connection timed out: connect
 at java.net.DualStackPlainSocketImpl.connect0(Native Method)
 at java.net.DualStackPlainSocketImpl.socketConnect(Unknown Source)
 at java.net.AbstractPlainSocketImpl.doConnect(Unknown Source)
 at java.net.AbstractPlainSocketImpl.connectToAddress(Unknown Source)
 at java.net.AbstractPlainSocketImpl.connect(Unknown Source)
 at java.net.PlainSocketImpl.connect(Unknown Source)
 at java.net.SocksSocketImpl.connect(Unknown Source)
 at java.net.Socket.connect(Unknown Source)
 at java.net.Socket.connect(Unknown Source)
 at java.net.Socket.<init>(Unknown Source)
 at java.net.Socket.<init>(Unknown Source)
 at com.jcraft.jsch.Util$1.run(Util.java:362)
 at java.lang.Thread.run(Unknown Source)
CausePort 22 (SSH port) is closed.  This port is required for both the "automated" and "manual" certificate creation process in SecOps 1.3.
ResolutionTo resolve the issue, open Port 22.

Attachments

    Outcomes