Skip navigation

Log in to create and rate content, and to follow, bookmark, and share content with other members.

000029763 - RSA NetWitness Endpoint RSA Live configuration error, Could not establish trust relationship for the SSL/TLS secure channel

Document created by RSA Customer Support

on Jun 15, 2016•Last modified by RSA Customer Support on Dec 25, 2019

Version 4Show Document

Like • Show 0 Likes0
Comment • 0
View in full screen mode

Article Content

Article Number	000029763
Applies To	RSA Product Set: NetWitness Endpoint formerly ECAT RSA Product/Service Type: NetWitness Endpoint RSA Version/Condition: 4.4.x Platform: Windows Server 2012
Issue	In the RSA NetWitness Endpoint UI, when trying to configure the RSA Live through the Monitoring and External Components returns the error: "Unknown error occurred Error = Could not establish trust relationship for the SSL/TLS secure channel".
Cause	This is caused by the Endpoint SQL Server database having an incorrect MasterServerCertHash value in the ECAT$PRIMARY].[dbo].ApplicationSetup] table.
Resolution	On the Endpoint Server navigate to the location where Endpoint Server software was installed, default directory C:\Program Files\RSA\ECAT\Server Open the ConsoleServer.Exe.Config file. Find the "LocalHttpsServerCertHash" line that appears like the below example <add key="LocalHttpsServerCert" value="EcatServerExported"/> <add key="LocalHttpsServerCertHash" value="B3E17A38985B46132335A13DC11F1758C9CD68A4"/> <add key="LocalHttpsClientCert" value="EcatClientExported"/> Copy the hash value and on the Endpoint SQL Server machine open the Microsoft SQL Server Management Studio program. Navigate to Databases > app, and open a "New Query". Run the following SQL query and confirm the MasterServerCertHash value doesn't match the value seen in the ConsoleServer.Exe.Config file. select MasterServerCertHash from [ECAT$PRIMARY].[dbo].ApplicationSetup After confirming the MasterServerCertHash value doesn't match then update the record with the SQL command update [ECAT$PRIMARY].[dbo].ApplicationSetup set [MasterServerCertHash]=0x{hex string from ConsoleServer.Exe.Config file} Substitute {hex string from ConsoleServer.Exe.Config file} with the correct value. For the above example hex string, the SQL will appear like, update [ECAT$PRIMARY].[dbo].ApplicationSetup set [MasterServerCertHash]=0xB3E17A38985B46132335A13DC11F1758C9CD68A4 Repeat the SQL query in Step 5 to check the correct MasterServerCertHash value is now inserted. Validate that the RSA Live configuration can now be set in the Endpoint UI.

Attachments

Outcomes

0 Comments

Recommended Content

Incoming Links

Recently Published Knowledge Base Articles for RSA NetWitness® Endpoint