9. Update SSL Certificate on Data TierΒΆ

The following provides the procedures for updating the SSL Certification.

  1. Replace the following two files on all the servers hosting HAWK-API and HAWK-iek (UX):

user@host#: /etc/pki/tls/certs/localhost.crt

user@host#: /etc/pki/tls/private/localhost.key

  1. Make sure the correct permissions are set.

user@host#: chmod 600 /etc/pki/tls/certs/localhost.crt

user@host#: chmod 600 /etc/pki/tls/private/localhost.key

  1. Restart the following services.

user@host#: service nginx restart user@host#: service httpd restart

  1. On the HAWK engines, edit the hawk-analyticsd.cfg, hawk-pulsed.cfg, and hawk-eventd.cfg files located in /opt/hawk/etc/:

# SSL Configuration
# Toggle SSL Peer Verification. Set to False if using a self-signed SSL certificate.
HTTPSSLVerifyPeer="True"
HTTPSSLVerifyHost="True"

  1. Restart the HAWK engine services:

user@host#: service hawk-analyticsd restart user@host#: service hawk-pulsed restart user@host#: service hawk-eventd restart

  1. On the Data Tier, edit hawk-msgd.cfg and hawk-reports.cfg files located in /opt/hawk/etc/:

insecure = false

  1. on the Data Tier, edit hawk-producerd.cfg file located in /opt/hawk/etc/:

# SSL Configuration
# Toggle SSL Peer Verification. Set to False if using a self-signed SSL certificate.
HTTPSSLVerifyPeer="True"
HTTPSSLVerifyHost="True"

  1. Go to the HAWK eyeCon UX and test that the correct SSL certificate is being used.