Home
Security Compliance Analytics
Security and Compliance Analytics (SCA) is a web-based application designed to help you manage security, vulnerability, and risk assessment. The application archives security and vulnerability compliance check results to identify configuration issues and report levels of compliance toward security configuration goals.
Security and Compliance Analytics Setup Guide
BigFix for Security and Compliance Analytics (SCA) is a web-based application designed to help manage security, vulnerability, and risk assessment. The application archives security and vulnerability compliance check results to identify configuration issues and report levels of compliance toward security configuration goals.
Installing Security and Compliance Analytics
Migrating keystores
Follow these steps to migrate keystores in BigFix Compliance Analytics. A keystore is a database file that stores security certificates, such as authorization or public key certificates.

Security Compliance Analytics
Security and Compliance Analytics (SCA) is a web-based application designed to help you manage security, vulnerability, and risk assessment. The application archives security and vulnerability compliance check results to identify configuration issues and report levels of compliance toward security configuration goals.
- Security and Compliance Analytics Setup Guide
  BigFix for Security and Compliance Analytics (SCA) is a web-based application designed to help manage security, vulnerability, and risk assessment. The application archives security and vulnerability compliance check results to identify configuration issues and report levels of compliance toward security configuration goals.
  - Introduction
  - Installing Security and Compliance Analytics
    - Download BigFix Compliance Analytics
    - Running the installer
      Follow these steps to install BigFix Compliance Analytics.
    - Upgrading
    - Migrating keystores
      Follow these steps to migrate keystores in BigFix Compliance Analytics. A keystore is a database file that stores security certificates, such as authorization or public key certificates.
    - Performing initial set up and configuration
    - Configure HTTPS
    - Configuring LDAP
    - Log files
      This section describes how to access log files and the options associated with BigFix Compliance Analytics.
  - Uninstalling
    To remove BigFix Compliance from your infrastructure, stop the application-specific actions and analyses that are running on the computers and uninstall the scanner. Remove the VM Manager tool. Subsequently, uninstall the BigFix Compliance server, and optionally eliminate the associated database as well.
- Security and Compliance Analytics User Guide
  BigFix for Security and Compliance Analytics (SCA) is a web-based application that is designed to help you manage security, vulnerability, and risk assessment. The application archives security and vulnerability compliance check results to identify configuration issues and report levels of compliance toward security configuration goals.

Migrating keystores

Follow these steps to migrate keystores in BigFix Compliance Analytics. A keystore is a database file that stores security certificates, such as authorization or public key certificates.

About this task

The BigFix Compliance Analytics installer will save the following files for your reference under <TEMA_ROOT>\wlp\usr\servers \server1\resources\security\.

Under <TEMA_ROOT>\wlp\usr\servers \server1\resources\security\, a copy of your original keystore file
Under <TEMA_ROOT>\wlp\usr\servers \server1\config\
- A copy of your original jetty.xml file
- The keystore password in deobfuscated_password file

Migrating keystores require the following:

Java Runtime Environment (installed in <TEMA_ROOT>\jre\bin\
The original keystore file
The deobfuscated_password file
Command prompt (Windows) with appropriate PATH set

Procedure

Convert the keystore from JKS to PKCS12 format.

Table 1. Example command line of converting the keystore format from JKS to PKCS12
Command line example	Reference
	Input file: `keystore` Output file: `keystore.p12` <password_string>: The password string saved in the deobfuscated_password file `key_pass`: The new password of your choice for `keystore.p12`. The password must be a minimum of 6 characters.

Convert the PKCS12 format keystore into PEM format certificate and key using OpenSSL.

Table 2. Example command line of converting the keystore format from PKCS12 to PEM
Command line example	Reference
`> openssl pkcs12 -in keystore.p12 -out keystore.pem`	Input file: `keystore.p12` Output file: `keystore.pem`

You will be prompted to enter the following passwords:

Password (Import password) for keystore.p12
New password of your choice for the private key. The password must be a minimum of 4 characters.

Open the PEM encoded certificate and key (keystore.pem). Save it as certificate and a private key file.
1. The file keystore.pem contains both the certificate and private key in sections.
2. Copy then save the following section server.crt.
  -----BEGIN CERTIFICATE-----
  ...
  -----END CERTIFICATE-----
3. Copy then save the following section as server.key.
  -----BEGIN RSA PRIVATE KEY-----
  ...
  -----END RSA PRIVATE KEY-----
Go to Management > Server Settings.
Apply the following in BigFix Compliance Analytics.
- certificate (server.crt)
- key pair (server.key)
- password (PEM pass phrase entered in Step 2.)