Use the netsh trace command to capture communication activities between the user terminal and the NES server, while performing the action that fails.
- On the NES server, open up a command prompt as administrator, and then type netsh trace start capture=yes tracefile=.\capture_server.etl scenario=internetserver
- On the user terminal, open up a command prompt as administrator, and then type netsh trace start capture=yes tracefile=.\capture_client.etl scenario=internetclient
- Delete all the files in the C:\Windows\System32\config\systemprofile\AppData\Roaming\Nymi\NSL\randomstring\ksp directory
Perform the action to trigger the certificate retrieval.
- If a user terminal the Evidian EAM Client software cannot retrieve certificates, restart the Enterprise Access Management Security Services service.
- If the enrollment terminal cannot retrieve the certificates, log into the Nymi Band Application.
Wait about a minute and then from the command prompt on both the user terminal
and the NES server, type netsh trace
The netsh command records the command line output into the filename that you specified with the tracefile option in the current directory.
Optional, to convert the output file to a text file, type the following command netsh trace convert input=filename.etl
The command creates a text file with the same name as the .etl file in the current directory.
- For ease of analysis, retrieve .etl file from the machine and use the etl2pcapng tool to convert the file into to a .pcapng file.
- Use an application such as WireShark to analyze the output to determine the communication path between components.