Our Environment currently is running Netwitness 11 and in the process of replacing the Default Certs with our own CA. My my question is does each system (Decoder, Appliance, Decoder, Concentrator etc..) has it's own cert. or does it's all maintained by one Cert? This is the first Cert upgrade for the Environment, so I wanted to make sure I have everything correctly.
I've moved your question to the RSA NetWitness Platform space where it will be seen by the product's support engineers, other customers and partners. Please bookmark this page and use it when you have product-specific questions.
Alternatively, from the RSA Customer Support" data-type="space page, click on Ask A Question on the blue navigation bar and choose Ask A Product Related Question. From there, scroll to RSA NetWitness Platform and click Ask A Question. That way your question will appear in the correct space.
You should probably only change the default self signed cert for the HTTPS UI page with your internal CA, this will reduce the user notices for accessing self signed websites by the major browsers.
I think NetWitness is its own CA for the internal communications between each component.