000032460 - Error message "Could not establish connection with Live server" when trying to save the RSA ECAT configuration

Document created by RSA Customer Support Employee on Oct 11, 2016Last modified by RSA Customer Support Employee on Apr 21, 2017
Version 3Show Document
  • View in full screen mode

Article Content

Article Number000032460
Applies ToRSA Product Set: ECAT, NetWitness Endpoint
RSA Product/Service Type: ECAT
RSA Version/Condition: 4.0.x, 4.1.x, 4.2.x
Platform: Windows
IssueWhen trying to save the Live configuration the following error is seen:
Could not establish connection with Live Server.  The changes made are not saved.

 
User-added image
CauseThe error occurs when the installer failed to configure the certificate.
ResolutionOn the ECAT Sever confirm the RSA ECAT API Server service is running.
For ECAT 4.0.x open a browser and use the URL https://localhost:9443/api/v1/swagger-ui/, noting the use of HTTPS, not HTTP.

         (if using ECAT versions 4.1.x or 4.2.x, open URL https://localhost:9443/api/v2/swagger-ui/)
If this URL does not open in the browser, the installer failed to configure the certificate.  To resolve the error, run the following commands that manually complete the tasks that are supposed to be done by the installer.

     1.  Run as administrator a command prompt, and run the following to delete any previous certificate configured to use port 9443.
 
netsh http delete sslcert 0.0.0.0:9443

     
     2.  Run the following command:

netsh http add sslcert ipport=0.0.0.0:9443 certhash=<thumbprint_of_ECAT_server_cert> appid={0D90E141-9834-45CA-9426-C0E873106B2D}

 
To get the value of <thumbprint_of_ECAT_server_cert>, open the ConsoleServer.exe.config file that is located in the C:\ECAT\Server directory (default).  It is the value of the LocalHttpsServerCertHash key.  For example,

 
<add key="LocalHttpsServerCertHash" value="BE5775AECEBDE42A803FC2ED688563D7979D3CAC"></add>

     3.  Insert the value of the LocalHttpsServerCertHash key into the command.  For example,
netsh http add sslcert ipport=0.0.0.0:9443 certhash=BE5775AECEBDE42A803FC2ED688563D7979D3CAC appid={0D90E141-9834-45CA-9426-C0E873106B2D}

     
     4.  For ECAT 4.0.x open https://localhost:9443/api/v1/swagger-ui/ in browser. It should now be accessible.
         (if using ECAT versions 4.1.x or 4.2.x, open URL https://localhost:9443/api/v2/swagger-ui/)

     5.  Configure Live again and it should now work.

Attachments

    Outcomes