|Applies To||RSA Product Set: NetWitness Endpoint, ECAT|
RSA Product/Service Type: REST API
RSA Version/Condition: 4.4, 4.3, 4.2, 4.1
|Issue||The RSA NetWitness Endpoint REST API service throws an Error code 500 (Internal Server Error) message.|
This error occurs when attempting to configure any of the External Components that make use of the API Service.
It also occurs during the last step of the External Components Configuration Diagnostic test.
This also applies to diagnostic tests for each of the external components as well.
The same error will be thrown when attempting to access the REST API Interface. (https://localhost:9443/api/v2/swagger-ui)
|Cause||The most likely cause of this issue is due to a misconfiguration of the API Server and the RSA NetWitness Endpoint Console Server service.|
By default the RSA NetWitness Endpoint API Server (Referred to as the RSA ECAT API Server in the Windows Services) uses port 9443.
If the port is changed to another value, (in particular port 443), it will result in the error.
|Resolution||To resolve the issue, follow the instructions below.|
- Navigate to the RSA NetWitness Endpoint Install Directory. (the default location is C:\Program Files\RSA\ECAT\Server)
- Make a back up copy of the ApiServer.exe.config and the ConsoleServer.exe.config files and then move them to another location on the host.
Note: Both files are the type "Conf" or "xml" depending on how the Windows view is configured.
- Open the ApiServer.exe.config file, and search for line below. (Note: The value could be different, this example below is using port 443.)
<add key="ListeningPort" value="443"/>
- Change the value key from the existing value to 9443.
<add key="ListeningPort" value="9443"/>
- Save the file.
- Open the ConsoleServer.exe.config file and search for lines below. (If the default port is changed in the ApiServer.exe.config, the same port should be used in the ConsoleServer.exe.config file in both instances.)
Note: The baseAddresses value will be listed twice in the ConsoleServer.exe config file.
<!-- The value "ecat" below for baseAdderss will be replaced with "https://*:9443/ecat/" by ECAT installer-->
- Change the baseAddresses value to https://*:9443/ecat
<!-- The value "ext" below for baseAdderss will be replaced with "https://*:9443/ext/" by ECAT installer-->
- Save the file.
- Stop the RSA ECAT API Server and the RSA ECAT Server. (Could be the RSA ECAT Console Server depending on version)
- Start the RSA ECAT Console Server and the RSA ECAT API Server.
(For larger sites, allow sufficient time before running the various diagnostic tests, the ApiServer.exe and the ConsoleServer.exe will memory footprint will be similar in the Windows task manager)
When you open the External Components Configuration panel in the UI, the various diagnostic tests should pass and the API server will show as running. (green check box in the upper right corner)
|Notes||The Internal Server Error (500) is not limited to this issue, If using different ports then the default for the Api Server, revert back to port 9443.|