topic Re: Stealthwatch CA Idendity Certificate in Security Analytics

Stealthwatch CA Idendity Certificate

Barakat — Fri, 12 May 2023 13:27:47 GMT

Hi all,

I have a problem when I try to update the identity certificate of the Manager to a custom one of my own CA.

When I update it, I loose the connection to the appliance and I get "Config Channel Down"

And according to the documentation, I should remove the appliance through the console. but when I do, I receive this error:

and the operation failed.

what should I do? anybody can help?

Thanks in advance,

Re: Stealthwatch CA Idendity Certificate

Marvin Rhoads — Fri, 12 May 2023 16:09:14 GMT

What version are you running and what procedure did you follow in your attempt to replace the certificate?

Re: Stealthwatch CA Idendity Certificate

Barakat — Fri, 12 May 2023 17:16:57 GMT

I have the last version 7.4.2 in virtual platform.

I have received the Certificate from the CA authority containing the info and the URL.

I have added this certificate with CA certificate to the trust store in all the appliance.

Then I replaced it with the self signed one in the identity certificate tab.

I tried to follow the instruction in this file page 73:

https://www.cisco.com/c/dam/en/us/td/docs/security/stealthwatch/certificates/7_4_2_SSL_TLS_Certificates_for_Managed_Appliances_Guide_DV_1_0.pdf

Re: Stealthwatch CA Idendity Certificate

Marvin Rhoads — Mon, 15 May 2023 07:40:57 GMT

That's the correct procedure. The only thing I can guess is possibly you did not install all certificates in the chain (root, intermediate and issuing CA certificate, as applicable).

If you did that, then I would suggest opening a TAC case. They can guide you through the cli procedure to replace the non-working certificate with a self-signed one and then work with you to determine the root cause for the problem you're experiencing.

Re: Stealthwatch CA Idendity Certificate

Barakat — Mon, 15 May 2023 08:24:34 GMT

I already added the CA, CA issuing and the cert to the trust store. but as I explained I succeed to open the URL securely

but I lost the connection to the manager (config channel down)

I will see with Cisco.

Thanks a lot

Re: Stealthwatch CA Idendity Certificate

Barakat — Wed, 07 Jun 2023 06:26:52 GMT

The problem was in using a wrong template to create the certificate.

The template should be ((server authentication and client authentication))