IBM QRadar

IBM QRadar

Join this online user group to communicate across Security product users and IBM experts by sharing advice and best practices with peers and staying up to date regarding product enhancements.

 View Only
Back to discussions
Expand all | Collapse all

Amazon AWS CloudTrail - No trusted certificate found

  • 1.  Amazon AWS CloudTrail - No trusted certificate found

    Posted Wed August 04, 2021 09:15 AM

    I'm trying to get CloudTrail logs into qradar. Log source Amazon AWS CloudTrail does not work. I am getting error "Error: Error with SSL Handshake connecting to host [s3.amazonaws.com] on port [443]: [com.ibm.jsse2.util.h: No trusted certificate found]"

    I downloaded certificate from https://s3.amazonaws.com using script /opt/qradar/bin/getcert.sh , script saved certificate info /opt/qradar/conf/trusted_certificates. But nothing changed, error persist. Thank for help



    #QRadar
    #Support
    #SupportMigration


  • 2.  RE: Amazon AWS CloudTrail - No trusted certificate found

    Posted Thu August 05, 2021 07:16 AM

    I have seen this for customer who have a webproxy in between QRadar and the s3 amazonaws server. It could be because of the missing proxy cert in the trust store.

    If that's the case, try following this https://www.ibm.com/docs/en/qsip/7.4?topic=au-configuring-updates-behind-proxy-server-that-uses-ssl-tls-interception

    if you still doesn't work for you, then you should open up a IBM support ticket.



    #QRadar
    #Support
    #SupportMigration


  • 3.  RE: Amazon AWS CloudTrail - No trusted certificate found

    Posted Thu November 30, 2023 08:37 AM

    Hi Did this worked for you ? I am getting same issue while doing this for DUO. 

    Thanks

    Ashish



    ------------------------------
    Ashish Sharma
    ------------------------------

    Original Message