Core issue
This error message appears when the VMS is not able to import the IPS sensor.
Resolution
In order to resolve this issue, you have to generate the certificates again.
Complete these steps and try to import the sensor again.
- Use this command in order to generate the certificate:
cd c:\progra~1\cscopx\mdc\apachegencert.bat
- From Services, stop CiscoWorks Daemon Manager, and start CiscoWorks Daemon Manager.
Note: This generates a new Apache SSL certificate that is good for one year. If you want a longer one, edit gencert.bat and replace the 365 at the end of the batch file with higher value. For example, 3650 gives you apprxoimately 10 years.
- Now you need to manually reinstall the TLS certificate on your sensor(s).
For example, the tls trusted-host command from the IDS, just parse it out from a
config prompt and use the IP address of the VMS server.
You can regenerate the certificate with the tls generate-key command:
sensor(config)#tls generate-key
sensor(config)#no tls trusted-host ip-address (vms server ip)
sensor(config)#tls trusted-host ip-address (vms server ip)
- Or,
On VMS, unlike in CLI, to regenerate the SSL certificate, choose Server Configuration > Administration > Security Management > Create SelfSigned Certificates. You can regenerate the certificate from this screen.
