Site Collector Administration Guide

How to regenerate certificates for Site Collector Core

You need to regenerate the Site Collector Core main certificates, which include the Site Collector Core web server certificates, the Site Collector Core communication certificate, and the Syslog default certificates, in the following scenarios:

  • If you change the Site Collector Core VM IP address or hostname

  • If the Windows Event Log Collector cannot use certificates from the Exabeam Security Operations Platform Web user interface to communicate with Site Collector Core

  • If you want to fix any issues associated with certificates

Use the following script to regenerate the certificates.

sudo /opt/exabeam/nifi/nifi_scripts/regenerate_certificate.sh

The script runs only after you confirm. If you run this script, you must reinstall all the Windows Event Log Collector instances and reconfigure Syslog clients that use certificates for TLS communication.

Here is an example of a successful execution of the script.

[exabeam@ihor-ngsc-centos-7 ~]$ sudo /opt/exabeam/nifi/nifi_scripts/regenerate_certificate.sh
The existing collectors that use certificates won’t work anymore and you have to redeploy them.
Are you sure you want to regenerate certificates and restart SC? Y/N? y
Support: --tlsv1.2 --tls-max 1.2  
Generating new certificates for NGSC Core
Generate certificates
Hostname: ihor-ngsc-centos-7
IP List: 10.70.2.12,172.17.0.1
Alternative names: localhost,ihor-ngsc-centos-7,10.70.2.12,172.17.0.1,ihor-ngsc-centos-7.c.ngsc-experiments.internal
Creating new certificates
[main] INFO org.apache.nifi.toolkit.tls.standalone.TlsToolkitStandaloneCommandLine - Using /opt/exabeam/nifi/nifi_conf/nifi.properties as template.
[main] INFO org.apache.nifi.toolkit.tls.standalone.TlsToolkitStandalone - Running standalone certificate generation with output directory /opt/exabeam/nifi/nifi_conf/ihor-ngsc-centos-7
[main] INFO org.apache.nifi.toolkit.tls.standalone.TlsToolkitStandalone - Generated new CA certificate /opt/exabeam/nifi/nifi_conf/ihor-ngsc-centos-7/nifi-cert.pem and key /opt/exabeam/nifi/nifi_conf/ihor-ngsc-centos-7/nifi-key.key
[main] WARN org.apache.nifi.toolkit.tls.standalone.TlsToolkitStandalone - Hostname count does not match given alternate name count. Verify names in resulting certificate.
[main] INFO org.apache.nifi.toolkit.tls.standalone.TlsToolkitStandalone - Writing new ssl configuration to /opt/exabeam/nifi/nifi_conf/ihor-ngsc-centos-7/ihor-ngsc-centos-7
[main] INFO org.apache.nifi.toolkit.tls.standalone.TlsToolkitStandalone - Successfully generated TLS configuration for ihor-ngsc-centos-7 1 in /opt/exabeam/nifi/nifi_conf/ihor-ngsc-centos-7/ihor-ngsc-centos-7
[main] INFO org.apache.nifi.toolkit.tls.standalone.TlsToolkitStandalone - Generating new client certificate /opt/exabeam/nifi/nifi_conf/ihor-ngsc-centos-7/CN=ihor-ngsc-centos-7_OU=NIFI.p12
[main] INFO org.apache.nifi.toolkit.tls.standalone.TlsToolkitStandalone - Successfully generated client certificate /opt/exabeam/nifi/nifi_conf/ihor-ngsc-centos-7/CN=ihor-ngsc-centos-7_OU=NIFI.p12
[main] INFO org.apache.nifi.toolkit.tls.standalone.TlsToolkitStandalone - tls-toolkit standalone completed successfully
Backing up current certificates
Moving new certificates
Extracting certificates from keystore and truststore
Importing keystore /opt/exabeam/nifi/nifi_conf/truststore.jks to /opt/exabeam/nifi/nifi_conf/truststore.p12...
Entry for alias nifi-cert successfully imported.
Import command completed:  1 entries successfully imported, 0 entries failed or cancelled
Importing keystore /opt/exabeam/nifi/nifi_conf/keystore.jks to /opt/exabeam/nifi/nifi_conf/keystore.p12...
Entry for alias nifi-key successfully imported.
Import command completed:  1 entries successfully imported, 0 entries failed or cancelled
Preparing certificates archives
  adding: ca.pem (deflated 28%)
  adding: cert.pem (deflated 28%)
  adding: key.pem (deflated 24%)
Preparing copy certificates to GCP bucket
Certificates were generated
Generating new certificates for NGSC Core was completed successfully
Enabling SSL Certificates Upload for NiFi
SSL Certificates Upload completed
Support: --tlsv1.2 --tls-max 1.2  
Stopping NGSC Core
Stop all Exa processors
Checking if NiFi queue is empty
NGSC was stopped successfully
Support: --tlsv1.2 --tls-max 1.2  
Starting NGSC Core
Start all Exa processors
NGSC Core was started successfully

The following key phrases indicate successful execution.

SSL Certificates Upload completed
NGSC Core was started successfully
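
The check described above can be automated against a saved copy of the script output. The following is an added example, not part of the Exabeam tooling: it confirms both key phrases and that every name clients connect to appears in the "Alternative names" list. The function names check_regen_log and sample_log, and capturing the output to a file (for example with tee), are assumptions.

```shell
#!/usr/bin/env bash
# Added example: validate a saved copy of the regenerate_certificate.sh output.
# Assumed usage: check_regen_log <logfile> <hostname-or-ip> [more names...]

check_regen_log() {
    local log="$1"; shift
    local rc=0 phrase sans name

    # Both key phrases from the guide must be present.
    for phrase in "SSL Certificates Upload completed" \
                  "NGSC Core was started successfully"; do
        if ! grep -qF -- "$phrase" "$log"; then
            echo "MISSING: $phrase"; rc=1
        fi
    done

    # The script prints the names it requested for the certificate.
    sans=$(sed -n 's/^Alternative names: *//p' "$log" | tail -n 1 | tr -d '\r ')
    if [ -z "$sans" ]; then
        echo "MISSING: Alternative names line"; rc=1
    fi

    # Each expected name must be an exact entry, not a substring of one.
    for name in "$@"; do
        case ",$sans," in
            *",$name,"*) ;;
            *) echo "NOT IN ALTERNATIVE NAMES: $name"; rc=1 ;;
        esac
    done

    # Informational: tls-toolkit asks for a manual look at the names.
    if grep -qF "Hostname count does not match given alternate name count" "$log"; then
        echo "NOTE: tls-toolkit warned to verify names in resulting certificate"
    fi
    return "$rc"
}

# Constructed sample, abridged from the example run shown in this guide.
sample_log() {
    cat <<'EOF'
Alternative names: localhost,ihor-ngsc-centos-7,10.70.2.12,172.17.0.1,ihor-ngsc-centos-7.c.ngsc-experiments.internal
[main] WARN org.apache.nifi.toolkit.tls.standalone.TlsToolkitStandalone - Hostname count does not match given alternate name count. Verify names in resulting certificate.
SSL Certificates Upload completed
NGSC Core was started successfully
EOF
}
```

A non-zero return means a key phrase is missing or an address that collectors or Syslog clients use is absent from the list, so TLS hostname verification against the new certificate would fail for that address.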