Certificates for ESM Destinations

Uploading a Certificate to the Logger:

Upload a valid server SSL (Secure Sockets Layer) certificate file for the ArcSight Manager that you are establishing as a Logger destination for forwarding events and alerts.

Note: Certificate names might include "JDK" after upgrading to Logger 6.5.

If your Manager does not have FIPS 140-2 mode enabled, you can obtain a certificate file for your Manager in these ways:

Use the keytoolgui utility to export a Manager’s certificate as described in the “Using Keytoolgui to Export Certificate” procedure in the ArcSight ESM Administrator’s Guide. For detailed information about the keystore and truststore, and their locations on the Manager, ArcSight Console, and SmartConnectors, see the ArcSight ESM Administrator’s Guide.

Once you have exported a certificate for your Manager, copy it to the machine from which you connect to your Logger.

If your Manager has FIPS 140-2 mode enabled, run this command to export the Manager’s certificate from the Manager’s <ARCSIGHT_HOME>/bin directory:

arcsight runcertutil -L -n managerkey -r -d <ARCSIGHT_HOME>/config/jetty/nssdb -o <absolute_path_to_manager.cert>

This command generates the manager.cert file, the Manager’s certificate, in the location that you specified in the above command.

Note: By default, the manager.cert file will be exported to your <ARCSIGHT_HOME> directory if you do not specify the absolute path to the manager.cert file destination.

To upload a certificate file for an ESM Destination:

  1. Make sure you have copied the Manager certificate to the machine from which you connect to your Logger.
  2. Open the Configuration > Data menu and click Certificates.
  3. Click Add. A screen will be displayed.

  4. Enter a Certificate Alias.
    1. This name is used to easily identify a certificate file. For example, arcsight_esm_manager1_cert.

    2. Each alias should have a unique name.
    3. (Optional) To overwrite an existing certificate with the same alias, check the Overwrite Certificate box.
  5. Click Choose File to locate the Manager Certificate file you copied.
    1. Do not modify the content or structure of the certificate.
    2. The only valid formats are .cer, .crt, and .pem.
    3. Valid files cannot exceed 10 MB in size.
  6. Click Save.

Note: If the alias name is empty and/or the certificate uploaded is incorrect, an error message will be displayed.
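
A pre-upload check for the constraints listed in step 5, added here as an example (it is not part of the Logger or ESM tooling). It reports extension and size problems and prints a SHA-256 fingerprint of the certificate's DER bytes, which can be compared between the Manager host and the machine you upload from to confirm the copy was not modified. The function name, the script name, and the reading of "10 MB" as 10 MiB are assumptions.

```python
import base64
import hashlib
import os
import re
import sys
import tempfile

VALID_EXTENSIONS = {".cer", ".crt", ".pem"}   # formats listed in step 5
MAX_BYTES = 10 * 1024 * 1024                  # assumption: "10 MB" read as 10 MiB
PEM_BLOCK = re.compile(
    rb"-----BEGIN CERTIFICATE-----(.+?)-----END CERTIFICATE-----", re.S)


def check_certificate_file(path):
    """Return (problems, sha256_hex); sha256_hex is None if the content is unusable."""
    problems = []
    if os.path.splitext(path)[1].lower() not in VALID_EXTENSIONS:
        problems.append("extension is not .cer, .crt or .pem")
    if os.path.getsize(path) > MAX_BYTES:
        return problems + ["file is larger than 10 MB"], None
    with open(path, "rb") as fh:
        data = fh.read()
    blocks = PEM_BLOCK.findall(data)
    if blocks:
        try:  # PEM: strip line breaks, then strictly decode the base64 body
            der = base64.b64decode(b"".join(blocks[0].split()), validate=True)
        except ValueError:
            return problems + ["PEM body is not valid base64"], None
    else:
        der = data  # no PEM armour: treat the file as binary DER
    # Shallow structural check only: an X.509 certificate is a DER SEQUENCE (tag 0x30).
    if not der.startswith(b"\x30"):
        return problems + ["content is neither PEM nor DER certificate data"], None
    # Hash the DER bytes so PEM and DER copies of one certificate match.
    return problems, hashlib.sha256(der).hexdigest()


if __name__ == "__main__":
    # Usage: python check_cert.py <certificate file> [more files...]
    paths = sys.argv[1:]
    if not paths:  # no arguments: run on a constructed stub (not a real certificate)
        paths = [os.path.join(tempfile.mkdtemp(), "manager.cert")]
        with open(paths[0], "wb") as fh:
            fh.write(b"\x30\x03\x02\x01\x01")
    for name in paths:
        found, fingerprint = check_certificate_file(name)
        print(name, "SHA-256:", fingerprint or "n/a")
        for problem in found:
            print("  problem:", problem)
```

A file kept under the name manager.cert, as in the FIPS export command above, is reported by the extension check because .cert is not one of the three listed formats.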