Starting from Sentinel 8.4.0.0, the communication between Elasticsearch and Sentinel is secured, hence http certificate needs to be added in the FIPS keystore of the Sentinel server and Remote Collector Managers (RCM).
If Event Visualization is not enabled, perform the following steps:
Add the internal Elasticsearch http certificate generated during the Sentinel installation to the Sentinel server's FIPS keystore using the below command:
./convert_to_fips.sh -i <sentinel_installation_path>/opt/novell/sentinel/3rdparty/elasticsearch/config/http.pks
Copy the internal Elasticsearch http certificate (<sentinel_installation_path>/opt/novell/sentinel/3rdparty/elasticsearch/config/http.pks) to all the RCMs and import them in the FIPS keystore using the below command:
./convert_to_fips.sh -i <path of the certificate copied above>/http.pks