Sunday, December 22, 2019

Update Stealthwatch Management Console Identity Cert Best Practice?

I have an SMC, Flow Collector, and Flow Sensor VMs deployed. They are all on version 7.0.

When I initially added the Flow Collector and Flow Sensor VMs to SMC I accepted the default self-signed SMC cert. I'm going to be replacing the SMC identity cert with one signed by a CA.

In all the documentation I read on doing this it cautions "Your certificates are critical for your system’s security. Improperly modifying your certificates can stop Stealthwatch appliance communications and cause data loss."

https://www.cisco.com/c/dam/en/us/td/docs/security/stealthwatch/system_installation_configuration/SW_7_0_Installation_and_Configuration_Guide_DV_5_0.pdf

Is there a best practice on how to do this without breaking my SMC, FC, and FS deployment? Do I have to remove the FC and FS from SMC, update the SMC identity cert, add the chain to the FC, FS then re-add the FC and FS? Or do I just add the chain to the FC and FS then update the SMC identity cert, then reboot the FC and FS without removing them from SMC?

Any help is appreciated as I don't want to permanently break my deployment.



No comments:

Post a Comment