Thursday, January 30, 2014

Unofficial: Replacing HP ArcSight Logger private key and certificate for web management console

The management console does not allow you to import a private key. If you are required to pre-generate the key from another source, you will not be able to use that pre-generated key through the console.

However, replacing the private key and certificate is not that difficult.  They are located at

/opt/arcsight/logger/userdata/platform/ssl.crt

assuming the installation folder is /opt/arcsight/logger.

The private key file, which must not be encrypted (-nodes), is called server.crt.  The certificate file is called server.pem.

Replace these two files with your own pre-generated private key and certificate, then restart the HP ArcSight Logger service.  The newly loaded private key and certificate then take effect.

This is not officially supported by HP, I think.
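A pre-flight check for the replacement pair, added here as an example (not part of the original post or of HP's tooling): it identifies each file by its PEM header rather than its name, rejects an encrypted key, and, when the openssl CLI is installed, confirms the key matches the certificate. The function names are hypothetical.

```shell
#!/bin/sh
# Added example: pre-flight check for a replacement Logger key pair.
# Function names are hypothetical. Usage: sh check_pair.sh FILE_A FILE_B

# Print what a PEM file holds, judged by its header rather than its name:
# certificate | key | encrypted-key | unknown
pem_kind() {
    if grep -q -e '-----BEGIN ENCRYPTED PRIVATE KEY-----' "$1" ||
       grep -q -e '^Proc-Type: 4,ENCRYPTED' "$1"; then
        echo encrypted-key
    elif grep -Eq -e '-----BEGIN ([A-Z]+ )?PRIVATE KEY-----' "$1"; then
        echo key
    elif grep -q -e '-----BEGIN CERTIFICATE-----' "$1"; then
        echo certificate
    else
        echo unknown
    fi
}

# Succeed when the certificate carries the public key derived from the
# private key. Needs the openssl CLI; "-passin pass:" prevents a prompt.
key_matches_cert() {   # usage: key_matches_cert KEYFILE CERTFILE
    k=$(openssl pkey -in "$1" -passin pass: -pubout 2>/dev/null) || return 2
    c=$(openssl x509 -in "$2" -noout -pubkey 2>/dev/null) || return 2
    [ -n "$k" ] && [ "$k" = "$c" ]
}

# Check two candidate files in either order. Prints the problem, or which
# file is which, and returns 0 only when the pair is usable.
check_pair() {
    a=$(pem_kind "$1"); b=$(pem_kind "$2")
    case "$a/$b" in
        key/certificate) key=$1; cert=$2 ;;
        certificate/key) key=$2; cert=$1 ;;
        *encrypted-key*)
            echo "private key is encrypted; Logger needs it unencrypted"; return 1 ;;
        *)
            echo "need one key and one certificate, got: $a, $b"; return 1 ;;
    esac
    if command -v openssl >/dev/null 2>&1 && ! key_matches_cert "$key" "$cert"; then
        echo "key does not match certificate"; return 1
    fi
    echo "key=$key cert=$cert"
}

if [ "$#" -eq 2 ]; then check_pair "$1" "$2"; fi
```

Run it on the candidate files before copying them over, and on the files already installed in the directory to see which one holds the key.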

1 comment:

corylus said...

That was useful thanks. The only comment I have is that the server.crt is the signed certificate and the server.pem is the private key. This confused me as, as far as I am aware, a pem file is normally a certificate.
See this useful description of all the SSL file types:
http://serverfault.com/questions/9708/what-is-a-pem-file-and-how-does-it-differ-from-other-openssl-generated-key-file