000031803 - Not able to migrate HTTPS and certificate details for EM plugins in RSA SecOps

Document created by RSA Customer Support Employee on Jun 14, 2016Last modified by RSA Customer Support Employee on Apr 21, 2017
Version 3Show Document
  • View in full screen mode

Article Content

Article Number000031803
Applies ToRSA Product Set: Archer
RSA Product/Service Type: SecOps, Enterprise Management (EM) Plug-in
RSA Version/Condition: 1.3
Platform: Windows
O/S Version: 2008 R2, 2012, 2012 R2
IssueWhen an RCF migration for the Enterprise Management (EM) plug-in with SSL is performed, the certificates are not migrated.
Therefore the secure connection on the RSA Security Analytics (SA) server does not work.
ResolutionThis issue is being investigated by the Engineering team in order to provide a permanent resolution in a future release.
WorkaroundPost migration for EM Plugin with SSL, regenerate the certificates and deploy the certificates automatically to the Security Analytics server.
Follow the procedure below:
  1. Open command prompt and go to <install_dir>\SA IM Integration Service\data-collector
  2. Enter runConnectionManager.bat
  3. Choose option for “Regenerate Certificates” – this will regenerate certificates 
  4. Choose option for Edit Endpoint and then option for Edit Enterprise Management Endpoint
  5. Choose Yes for copying the certificates to SA box and enter SSH credentials for SA host as below:
                        User-added image
NotesIf you have SA IM endpoint and syslog server endpoint with secure TCP are configured, the certificates need to be redeployed by following the Regenerate certificates section in Install & config guide.

Attachments

    Outcomes