on Sep 20, 2016Article Content
| Article Number | 000034042 |
| Applies To | RSA Product Set: Security Analytics RSA Product/Service Type: SA Security Analytics Server RSA Version/Condition: 10.5.x, 10.6.0.x,10.6.1.0 |
| Issue | When applying a certificate: 1. Go to SA server Administration > Security 2. Click on the PKI Settings tab 3. Click the + under Server Certificates and add a web server certificate created as a .p12 4. Select the server certificate by checking the checkbox listed next to the .p12 5. Click on "Use as Server Certificate" The Security Analytics web interface will no longer be available, jettysrv will not start and you will see in /opt/rsa/jetty9/logs/stderrout.log: java.io.FileNotFoundException: /opt/rsa/carlos/truststore- |
| Cause | Security Analytics expects that the Trusted CA file(s) be uploaded before applying a Server certificate. If the Trusted CA file(s) have not been uploaded jettysrv will be looking for the Trusted CA file(s) at /opt/rsa/carlos/truststore-pki.p12. |
| Resolution | The issue is under review to be fixed in a future release of RSA Security Analytics. |
| Workaround | If you have not applied the server certificate for PKI authentication then, before doing so add the Trusted CA file(s) for the server certificate(s): 1. Go to SA server Administration > Security 2. Click on the PKI Settings tab 3. Click the + under Trusted CAs and add the CA trusted CA certificate file(s) If you have already applied the server certificate for PKI authentifcation and jettysrv does not start: 1. SSH in to the Security Analytics server 2. Copy the Server Certificate to truststore-pki.p12 by running: cp /opt/rsa/carlos/keystore-pki.p12 /opt/rsa/carlos/trustore-pki.p12 3. Restart jettysrv by running the following command: restart jettysrv |