000034918 - Live test connection fails with "peer not authenticated" errors in RSA NetWitness 10.4.x

Document created by RSA Customer Support Employee on Mar 13, 2017
Last modified by RSA Customer Support Employee on Apr 21, 2017
Version 2

Article Content

Article Number: 000034918
Applies To: RSA Product Set: Security Analytics
RSA Product/Service Type: SA Live
RSA Version/Condition: 10.4.X
 
Issue: The Live test connection from the SA GUI fails and throws the errors below.
SA.log:
Caused by: com.rsa.netwitness.cms.domain.model.exceptions.CmsException: javax.net.ssl.SSLPeerUnverifiedException: peer not authenticated 
at com.rsa.netwitness.cms.impl.CmsClientImpl.doHttpGet(CmsClientImpl.java:1459)
at com.rsa.netwitness.cms.impl.CmsClientImpl.authenticateCMSUser(CmsClientImpl.java:331)
... 133 more
Caused by: javax.net.ssl.SSLPeerUnverifiedException: peer not authenticated

From a PuTTY session, the Live connection works using the command curl -v https://<user_name>:<password>@cms.netwitness.com:443.
Cause: The Live CMS server recently migrated its default algorithm from TLS1 to TLS1.2. The TLS1 algorithm is part of the java-1.7.0-openjdk-1.7.0.65-2.5.1.2.el6_5.x86_64 package. This issue is not observed in higher versions, which have the java-1.8.0-openjdk-1.8.0.111-0.b15.el6_8.x86_64 package.
Workaround: Update Security Analytics to a higher version, such as 10.6.X, to get a successful Live connection from the SA GUI.
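
The triage check below is an added example, not part of the original article or of RSA's tooling: it reports a likely TLS version mismatch only when the log text contains the CmsClientImpl SSLPeerUnverifiedException and the Java package is the 1.7.0 OpenJDK build named above. The function names and verdict strings are hypothetical, and the sample log is the SA.log excerpt from this article.

```shell
#!/bin/sh
# Added example; function names and verdict strings are hypothetical.

# Sample input: the SA.log excerpt quoted in this article.
sample_log() {
cat <<'EOF'
Caused by: com.rsa.netwitness.cms.domain.model.exceptions.CmsException: javax.net.ssl.SSLPeerUnverifiedException: peer not authenticated
at com.rsa.netwitness.cms.impl.CmsClientImpl.doHttpGet(CmsClientImpl.java:1459)
at com.rsa.netwitness.cms.impl.CmsClientImpl.authenticateCMSUser(CmsClientImpl.java:331)
Caused by: javax.net.ssl.SSLPeerUnverifiedException: peer not authenticated
EOF
}

# Succeeds only if stdin holds both the SSL failure and a CMS client frame.
has_live_tls_error() {
    awk '
        /SSLPeerUnverifiedException: peer not authenticated/ { ssl = 1 }
        /com\.rsa\.netwitness\.cms\.impl\.CmsClientImpl\./    { cms = 1 }
        END { exit !(ssl && cms) }
    '
}

# Print the OpenJDK release (for example 1.7.0) from an rpm package name.
# Assumes the java-<release>-openjdk-<build> naming seen in the article.
jdk_release() {
    printf '%s\n' "$1" | sed -n 's/^java-\([0-9][0-9.]*\)-openjdk-.*/\1/p'
}

# Verdict for a log on stdin and a Java package name in $1.
triage_live() {
    release=$(jdk_release "$1")
    if ! has_live_tls_error; then
        echo "no-live-tls-error"
    elif [ "$release" = "1.7.0" ]; then
        echo "tls-mismatch-likely"      # the case this article describes
    else
        echo "tls-error-other-cause"    # same exception, unaffected Java build
    fi
}

# Demo on the sample data with the affected package from the article.
sample_log | triage_live "java-1.7.0-openjdk-1.7.0.65-2.5.1.2.el6_5.x86_64"
```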
