Do you have feedback on our new interface?
Do you have feedback on our new interface? Let us know HERE
Highlighted
Honored Contributor.. Oliver843 Honored Contributor..
Honored Contributor..
346 views

ESM Certificate Generation Issues

Jump to solution

Hello,

I am having problems with creating a new certificate using the keytoolon ESM 7.0P1

This is a fresh install on RHEL.

When I attempt to run the command below which i editted from the admin guide:

<ARCSIGHT_HOME>/jre/bin/keytool -genkeypair -keystore config/keystore.client
-storetype JKS -storepass password -dname "cn=John Smith, ou=ArcSight, o=MF,
c=US" -alias testKey -validity 365

i get the error that the keystore has been tampered with or the password is invalid.

I tried to check the client.properties file in <ARCSIGHT_HOME>/config to check the password only to find that there wasn't a client.properties file in that directory.

I checked the client.default.properties file for the password but the password was blank.

i then reran the command without the -storepass password but it asked me to enter a password afterwards which i left blank and pressed enter. I then got the error the keystore has been tampered with or the password is invalid

After this i created the client.properties file and added ssl.keystore.password=password and atempted to rerun the command which again gave me The keystore has been tampered with or the password is invalid

Has anyone else experienced this error?

Thanks in advance for any thoughts you may have.

Regards

Oliver

Labels (1)
0 Likes
1 Solution

Accepted Solutions
Knowledge Partner
Knowledge Partner

Re: ESM Certificate Generation Issues

Jump to solution

Hi Oliver,

 

if you want just to used the Self - Signed Certificate why did not followed the steps from page 95 from the same document ?

What was the reason behind createing a new keystore if you are not using and CA-Signed SSL Certificate?

 

all the best,

 

Daniel

0 Likes
7 Replies
Knowledge Partner
Knowledge Partner

Re: ESM Certificate Generation Issues

Jump to solution

Hi Oliver,

 

can you please try to explain what exactly are you tring to do.

Are you whant to swtich from Self-Signed certificate to a CA-Signed SSL cerficate ?

 

all the best,

 

Daniel

0 Likes
Honored Contributor.. Oliver843 Honored Contributor..
Honored Contributor..

Re: ESM Certificate Generation Issues

Jump to solution

Hi Daniel,

I wish to create a new self signed certificate as the current one is the default with standard arcsight values.

i am following the ESM admin guide for ESM 7 page 89.

Regards

Oliver

0 Likes
Knowledge Partner
Knowledge Partner

Re: ESM Certificate Generation Issues

Jump to solution

Hi,

Apparently someone solved the issue by defaulting to the default password 'changeit'

StackOverFlow solution

0 Likes
Honored Contributor.. Oliver843 Honored Contributor..
Honored Contributor..

Re: ESM Certificate Generation Issues

Jump to solution

Hello,

changeit does not yeild a different result i'm affraid.

Thanks for your reply though

0 Likes
Knowledge Partner
Knowledge Partner

Re: ESM Certificate Generation Issues

Jump to solution

Hi Oliver,

 

if you want just to used the Self - Signed Certificate why did not followed the steps from page 95 from the same document ?

What was the reason behind createing a new keystore if you are not using and CA-Signed SSL Certificate?

 

all the best,

 

Daniel

0 Likes
Honored Contributor.. Oliver843 Honored Contributor..
Honored Contributor..

Re: ESM Certificate Generation Issues

Jump to solution

This has fixed it.

Thanks

0 Likes
dkuehner Super Contributor.
Super Contributor.

Re: ESM Certificate Generation Issues

Jump to solution

Yes the password for the keystore has actually to be the default pw.

0 Likes
The opinions expressed above are the personal opinions of the authors, not of Micro Focus. By using this site, you accept the Terms of Use and Rules of Participation. Certain versions of content ("Material") accessible here may contain branding from Hewlett-Packard Company (now HP Inc.) and Hewlett Packard Enterprise Company. As of September 1, 2017, the Material is now offered by Micro Focus, a separately owned and operated company. Any reference to the HP and Hewlett Packard Enterprise/HPE marks is historical in nature, and the HP and Hewlett Packard Enterprise/HPE marks are the property of their respective owners.