Smarsense was not working , hst server as well agents were getting down , I did these three steps to get it up and it worked but wanted to under stand why did it work ? because after restart same keys could be created in same file why removing of these keys worked for me :
please find below steps I have followed in order to insure hst-server and agents get up :
1. Remove all the old certificates and keys from hst-server by using below commands :
rm -f /var/lib/smartsense/hst-server/keys/ca.key
rm -f /var/lib/smartsense/hst-server/keys/*.csr
rm -f /var/lib/smartsense/hst-server/keys/*.crt
rm -rf /var/lib/smartsense/hst-server/keys/db/*
echo 01 > /var/lib/smartsense/hst-server/keys/db/serial
2. Remove all certificates from keys folder on all hst-agent hosts using below command : #rm -f /var/lib/smartsense/hst-agent/keys/*
3. restarted Smartsense and it worked.
The most common scenario is when the HST server certificates gets expired then we might see following kind of messages in the logs.
javax.net.ssl.SSLException: Received fatal alert: certificate_expired
SSL3_GET_SERVER_CERTIFICATE:certificate verify failed
Hostname changes also might cause certificate name mismatch from the already generated certificates and can cause this kind of issue, In such scenarios we will need to regenerate the SSL keys. We can also do "# hst reset" in order to reset the HST server SSL certificate database, which forces all HST agents to regenerate their certificates.
I faced the same issue and on application of these commands it worked but Even after the hst server/agent are up, smartsense is still not able to collect data. The queries are not populating any data. Why is that happening? @Jay Kumar SenSharma
Please can you help.