000030698 - Unable to execute IPDB reports due to a certificate validation failure in RSA Security Analytics

Document created by RSA Customer Support Employee on Jun 14, 2016Last modified by RSA Customer Support Employee on Apr 22, 2017
Version 3Show Document
  • View in full screen mode

Article Content

Article Number000030698
Applies ToRSA Product Set: Security Analytics
RSA Product/Service Type: Security Analytics UI, IPDB Extractor, Reporting Engine, Security Analytics Server
RSA Version/Condition: 10.4.0.x, 10.4.1.0, 10.4.1.1, 10.5.0.0
Platform: CentOS
O/S Version: EL6
IssueWhen attempting to create a IPDB Reporting Engine rule in the Security Analytics UI, the available meta will appear to be blank.
The Meta pick list section displays the following error:  Schema fetched from data source was null for data source=
User-added image
The /home/rsasoc/rsa/soc/reporting-engine/logs/reporting-engine.log file on the Security Analytics server reports the following error:
2015-06-22 13:20:46,912 [GetSchemaRequest_5] ERROR com.rsa.soc.re.ce.command.GetSchemaCommand - Error processing command
com.rsa.soc.re.exception.ReportingException: Schema fetched from data source was null for data source=
at com.rsa.soc.re.ce.command.GetSchemaCommand.execute(GetSchemaCommand.java:81)
at com.rsa.soc.re.ce.server.ReportEngineController.process(ReportEngineController.java:54)
at com.rsa.soc.re.ce.server.ReportingEngineService.onRequest(ReportingEngineService.java:65)
at com.rsa.soc.re.ce.server.ReportingEngineService.onRequest(ReportingEngineService.java:26)
at com.rsa.netwitness.carlos.transport.spi.AbstractMessageChannel$5.run(AbstractMessageChannel.java:633)
at com.rsa.netwitness.carlos.common.SharedThreadPoolExecutor$TagExclusiveRunnable.run(SharedThreadPoolExecutor.java:100)
at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1145)
at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:615)

The reporting-engine.log file will also report the warning message below.
2015-06-03 06:58:16,038 [NioProcessor-324] WARN  org.apache.mina.filter.logging.LoggingFilter - EXCEPTION :
javax.net.ssl.SSLHandshakeException: SSL handshake failed.

This issue also affects the execution of reports that utilize IPDB rule types.
CauseThis issue occurs because of a certificate validation failure during the SSL handshakes with the IPDB Extractor service.
ResolutionThis is a known issue and has been permanently resolved in Security Analytics versions 10.4.1.2 and 10.5.0.1.

Attachments

    Outcomes