SmartSense SSL troubleshooting
SmartSense components use SSL for protecting communications between the HST server and agents, and between the HST server and SmartSense gateway. If installation issues arise, you can reset these SSL certificates.
1. To reset the HST server SSL certificate database, which forces all HST agents to regenerate their certificates, use the hst reset command:
# hst reset Resetting SmartSense Server will remove server and all registered agent certificates and reset the certificate database. Do you want to continue? [y/n] (default: n): y SmartSense Server is currently running and needs to be stopped in order to reset. Do you want to stop the SmartSense Server? [y/n] (default: n): y SmartSense Server stopped SmartSense Server reset completed. Do you want to restart SmartSense Server? [y/n] (default: y): y Server PID at: /var/run/hst/hst-server.pid Server out at: /var/log/hst/hst-server.out Server log at: /var/log/hst/hst-serer.log Waiting for server start . . . . . . .
2. Next, you must manually reset each individual HST agent after running this command. For instructions on how to reset the agents, see the following HST Agent section.
An individual agent is having issues related to SSL when communicating with the HST server.
You have just reset the HST server SSL certificate database (see the HST Server section above). In this case, you must perform these steps on each individual HST agent.
1. Use the hst reset-agent command to remove all certificates registered with the HST server for the specific agent.
# hst reset-agent Resetting SmartSense Agent will remove all certificates registered with SmartSense server. Do you want to continue? [y/n] (default: n): y SmartSense Agent reset completed. # hst setup-agent -q
If HST server is having issues related to SSL when communicating with the SmartSense gateway, you can use the hst gateway reset to remove all HST server certificates registered with the specific gateway.
# hst gateway reset Resetting SmartSense Gateway will remove all certificates and reset the certificate database. Do you want to continue? [y/n] (default: n): y SmartSense Gateway stopped SmartSense Gateway reset completed. Gateway has to be started to create new certificates. Do you want to start the Gateway? [y/n] (default: y): y SmartSense Gateway PID at: /var/run/hst/hst-gateway.pid SmartSense Gateway out at: /var/log/hst/hst-gateway.out SmartSense Gateway log at: /var/log/hst/hst-gateway.log Waiting for Gateway start . . . . . . . . . . SmartSense Gateway started.