Import Roaming Agents Relay Certificates on Console Server

Document created by Nick Merante Employee on Dec 9, 2016
Version 1Show Document
  • View in full screen mode

The Roaming Agents Relay client certificate (EcatRelayClient.pfx) and CA certificate (EcatRelayCA.cer) must be imported on the NetWitness Endpoint Console Server system in order to properly encrypt and verify communication with RAR. 

 

  1. Certificates must be added to the certificate store for the local machine, not the currently logged in user.  To access the certificate store for the local machine, open the Run dialog and execute MMC to open the Management Console.  Under the File menu select Add/Remove Snap-in.
  2. Select Certificates from the left pane and click Add
  3. Choose Computer account and click Next
  4. Choose Local computer and click Finish
  5. Click OK to continue
  6. You will now be back at the Management Console with the Certificate Management Snap-In added.  First we will import the ECAT RAR client certificate.  Expand the Certificates/Personal Folder.  Right-click on Certificates, select All Tasks/Import
  7. This will launch the certificate import wizard.  Click Next at the first window
  8. Change the file type to Personal Information Exchange and browse to the directory containing the certificates copied from the RAR server
  9. Select the file EcatRelayClient.pfx and click Open
  10. Preview your settings and click Next
  11. Enter the password chosen when the certificates were initially created on the RAR server and click Next
  12. Ensure the certificates are being placed in the Personal Certificate store and click Next
  13. Preview your configuration and click Finish
  14. You should now see the EcatRelayClient certificate in the Personal Certificate store
  15. Next the EcatRelayCA certificate must be added to the system.  Expand the Trusted Root Certificate Authorities folder and right-click on Certificates.  Select All Tasks/Import
  16. This will launch the certificate import wizard.  Click Next at the first window
  17. Browse to the directory containing the certificates copied from the RAR server.  Select EcatRelayCA.cer and click Open
  18. Preview your settings and click Next
  19. Ensure the certificates are being placed in the Trusted Root Certificate Authorities Certificate store and click Next
  20. Preview your configuration and click Finish
  21. Scroll through the list of Certificate Authority certificates and verify the EcatRelayCA certificate is present
1 person found this helpful

Outcomes