Agent Restart workflow does not enable parallel monitoring of PATROL Agents with different passwords
Unix or Linux PATROL Agents that have different passwords cannot be parallely monitored with the Agent Restart workflow.
To resolve this issue, you must configure Transport Layer Security (TLS) communication between TrueSight Operations Management and Atrium Orchestrator.
To configure TLS communication
Do the following:
Run the following command on the computer where you have installed TrueSight Infrastructure Management to create the TSIM_Server_Certificate.p12 certificate:
openssl pkcs12 -export -out TSIM_Server_Certificate.p12 -inkey TSIM_Server_Key.key -in TSIM_Server.crt -certfile CAcert.crt
On the computer where you have installed Atrium Orchestrator, copy the jssecacerts files from <AO_HOME>/CDP/jvm/lib/security.
On the computer where you have installed TrueSight Infrastructure Management, paste the jssecacerts files to the tmp directory, for example, C:/tmp.
Run the following command on the computer where you have installedTrueSight Infrastructure Management:
keytool -importkeystore -deststorepass changeit -destkeypass changeit -deststoretype JKS -destkeystore "C:\Program Files\BMC Software\BAO\CDP\jvm\lib\security\jssecacerts" -srckeystore TSIM_Server_Certificate.p12 -srcstoretype PKCS12 -srcstorepass password
On the computer where you have installed TrueSight Infrastructure Management, compress the jssecacerts file and copy it.
- On the computer where you have installed Atrium Orchestrator, paste the compressed file in <AO_HOME>/CDP/jvm/lib/security.
- Navigate to the <AO_HOME>/CDP/bin directory, and open the server.sh file.
- In the
JAVA_OPTS
variable, add the following option parameters:-DServerKeyStore=<AO_HOME>/CDP/jvm/lib/security/jssecacerts
-DServerKeyStorePassword=changeit
-DServerTrustStore=<AO_HOME>/CDP/jvm/lib/security/jssecacerts
-DServerTrustStorePassword=changeit
-Denabledsuites=TLS_RSA_WITH_AES_128_CBC_SHA256
- Restart the AO service.
On the computer where you have installed TrueSight Infrastructure Management, add the following entries in the Mcell.dir file:
gateway.imcomm BEMGW *TLS <AO_HOSTNAME>:1859 cell pncell_<TSIM_HOSTNAME> *TLS <TSIM_HOSTNAME>:1828
On the computer where you have installed the Atrium Orchestrator, add the following entries in the Mcell.dir file:
cell pncell_<TSIM_HOSTNAME> *TLS <TSIM_HOSTNAME>:1828 gateway.imcomm BEMGW *TLS <AO_HOST>:1859
- From the Administrator Console, set the event propagation policy to BEMGW.
- Verify the connection between TrueSight Infrastructure Management and Atrium Orchestrator by triggering an event manually from the TrueSight console and checking the event details in the Atrium Orchestrator grid.log file. The grid.log file is located at <AO_HOME>\CDP\tomcat\logs.
Comments
Log in or register to comment.