Article Content
Article Number | 000034484 |
Applies To | RSA Product Set: RSA Security Analytics RSA Product/Service Type: RSA Log Collector, RSA Log Decoder RSA Version/Condition: 10.5.x, 10.6.x Platform: Centos O/S Version: EL6 |
Issue | The RabbitMQ config file points to incorrect certificates files, this can be noticed by any of the below symptoms: Symptom 1: Queues on the Local Log Collector are missing consumers this can be confirmed by running the below command: SSH to the Log Decoder: rabbitmqctl list_queues -p logcollection name consumers | column -t If there are no consumers, the output should look like the below, where 0 means that there are no consumers to the corresponding queues: [root@logdecoder /]# rabbitmqctl list_queues -p logcollection name consumers | column -t Symptom 2: Errors similar to the below are noticed in the RabbitMQ log file under : /var/log/rabbitmq/sa\@localhost.log =ERROR REPORT==== 31-Oct-2016::13:09:09 === Symptom 3: Errors similar to the below are noticed Log Collector Logs under: /var/log/messages Oct 31 11:26:19 NwLogCollector[19565]: [AMQPClientBase] [failure] An error occurred creating an AMQP channel: Error in opening SSL/TLS connection for socket |
Cause | RabbitMQ certificates are not pointing to the correct files. The truststore.pem certificate located under: /etc/netwitness/ng/rabbitmq/ssl/ should be pointing to the truststore.pem certificate file under: /etc/rabbitmq/ssl The cert.pem and privkey.pem certificates under: /etc/netwitness/ng/rabbitmq/ssl/keys should be pointing to cert.pem and key.pem certificates respectively under: /etc/rabbitmq/ssl/server/ |
Resolution | SSH to the Log Decoder and run the below commands: cd /etc/netwitness/ng/rabbitmq/ssl/ The output should be something like this: [root@logdecoder ssl]# pwd |