Cisco SourceFire or Firesight Estreamer Woe
Pertaining back to the same discussion some time back , here is something i did to resolve the connection error .
Typical Java error i am facing and forever seeing this is
" connection closed by remote host "
Thing to check back ,
a) open up defense center or Virtual Defense with admin right
b) Click on Monitoring -> Syslog
c) type your ip address of the SC that talking to VD or DC
d) Spot the error
Nov 26 2015 10:22:42 Sourcefire3D SF-IMS:  EventStreamer child(x.x.x.x):ConnectionHandler [ERROR] Certificate Common Name x.x.x.x does not match remote host: y.y.y.y . It was issued to a different client.
This error due to ip address translation from FW to DC , get your Network or FW team to resolve it .
However , i speed-up the process by using hostname and instead of using IP address as my PKCS cert .
So my cert file name now in user/agent/sourcefire/<myschost>.pkcs
then i hit another error.
Nov 26 2015 10:33:22 Sourcefire3D SF-IMS:  EventStreamer child(myschost):ConnectionHandler [INFO] DNS lookup failure for myschost: Invalid Argument
Nov 26 2015 10:33:12 Sourcefire3D SF-IMS:  EventStreamer child(myschost):ConnectionHandler [ERROR] Can not resolve remote host: myschost for issued certificate (err:SUCCESS)
To resolve this ,
add an entry with the valid ip address in /etc/hosts in the Sourcefire3D appliance or server (need root access though) and do a trial ping back to "myschost" to confirm connection.
Hope this help