Configuring the TrueSight Environment for the BMC Helix Change Management integration
Do the following to configure the TrueSight environment for the BMC Helix Service Resolution integration:
- Ensure that the integration with BMC Helix CMDB is configured.
- Import certificates into the TrueSight Presentation Server server.
- Configure the Helix Client Gateway.
- Configure the BMC Helix Change Management integration in the TrueSight console.
- Verify the integration.
This section explains each procedure in detail.
Step 1: Integrating with BMC Helix CMDB
Ensure that the integration with BMC Helix CMDB is configured. For more information, see Integrating with BMC Helix CMDB.
Step 2: Importing certificates into the TrueSight Presentation Server
Do the following:
Obtain the certificates from the Helix Network team or use the following URL to download them:
https://testssl.onbmc.com/
The following certificates are required:Name: digicert_global_root.cer
Alias: rootCAName: digicert_sha_256.cer
Alias: intermediateCAName: onbmc_wildcard.cer
Alias: onbmc_wildcardCA
- For TrueSight Operations Management version 11.3.02 or later, do the following to install the certificates in the TrueSight Operations Management keystore/truststore.
- On the TrueSight Presentation Server run the following command:
tssh certificate import ChangeManagement
- Enter a backup directory.
Enter the Change Management server details <
host:port
> to download the certificates.
The port number is optional. If you do not enter the port number, the default port 443 is used.
- On the TrueSight Presentation Server run the following command:
For TrueSight Operations Management version 11.3.01 or earlier, do the following to install the certificates in the TrueSight Operations Management keystore/truststore.
Copy the digicert_global_root.cer , digicert_sha_256.cer, and Onbmc_wildcard.cer certificates to the <TrueSight Presentation Server Installation Directory>/truesightpserver/conf/secure directory.
Copy the loginvault.ks keystore file and rename it to loginvalt-orig.ks.
Run the following commands in the order shown below to import the certificates:
keytool -importcert -trustcacerts -alias rootCA -keystore loginvault.ks -storepass changeit -file
digicert_global_root.cer
When prompted with theTrust this certificate?
question, typeYes
.keytool -importcert -trustcacerts -alias intermediateCA -keystore loginvault.ks - storepass changeit -file digicert_sha_256.cer
When prompted with theTrust this certificate?
question, typeYes
.keytool -importcert -alias onbmc_wildcardCA -keystore loginvault.ks -storepass changeit -file onbmc_wildcard.cer
When prompted with theTrust this certificate?
question, type Yes.
Copy tspstrustore.ts to tspstrustore-orig.ts.
Run the following command:
keytool -importcert -alias onbmc_wildcardCA -keystore tspstrustore.ts -storepass changeit -file onbmc_wildcard.cer
Navigate to the following directory, where the cacerts keystore is located.
Windows: <TrueSight Presentation Server Installation Directory>/truesightpserver/modules/jre/lib/security
- Linux: <TrueSight Presentation Server Installation Directory>/truesightpserver/modules/jre/lib/security
Copy the digicert_global_root.cer , digicert_sha_256.cer, and Onbmc_wildcard.cer certificates to the current directory.
Copy cacerts keystore file and rename it as cacerts-orig.
Import the certificates into the cacerts keystore by running the following commands in the given order:
keytool -importcert -trustcacerts -alias rootCA -keystorecacerts -storepasschangeit -file digicert_global_root.cer
When prompted with theTrust this certificate?
question, typeYes
keytool -importcert -trustcacerts -alias intermediateCA -keystorecacerts -storepasschangeit -file digicert_sha_256.cer
When prompted with theTrust this certificate?
question, typeYes
keytool -importcert -alias Onbmc_wildcard -keystorecacerts -storepasschangeit -file Onbmc_wildcard.cer
When prompted with theTrust this certificate?
question, typeYes
Restart the primary TrueSight Presentation Server.
Step 3: Configuring the BMC Helix client gateway
- Install the Helix client gateway. For information, see the BMC Helix documentation .
- Back up the <gateway installed location>\<gateway_name>\kwic-5.9.13\conf\kwic_config.xml file.
Copy the kwic_config.xml file to the proper location that you obtain from the BMC Helix network team.
- Restart the Helix client gateway.
Step 4: Configure the BMC Helix Change Management integration in TrueSight Operations Management
For TrueSight Operations Management 11.3.04 or later, do the following:
- Open the TrueSight console.
Click Administration > Integrations.
- Under Remedy ITSM, BMC Helix ITSM and BMC CMDB Integrations, click the Configure TrueSight Presentation Server with ITSM Change Management menu and then click Edit.
- On the Change Management Integration page, do the following:
- Add the following information:
- CMDB user name and password
- UDDI host name
- CMDB UDDI port number, user name, and password
- Select the HTTP or HTTPS protocol for the mid-tier server.'
- Select Activate Integration. If you do not want to activate the integration at this time, you can do it later.
The TrueSight Infrastructure Management connects to the Helix UDDI server and updates the CHG:CHGBPM:BPPMAdapter form with the TrueSight Infrastructure Management URL and port. This ensures that the necessary rest services endpoints are enabled and the TrueSight Infrastructure Management csm_user and csm_user password are set. - Disable the CSRF Filter. Use the command prompt and run the following commands in the given order:
tssh properties set csrFilter false
tssh properties reload
The BMC Helix network team updates the port in the CHG:CHGBPM:BPPM form to use the server gateway port.
- Add the following information:
- Click Save.
You can see the integration added on the Change Management Integration page.
The connects to the Helix UDDI server and updates the CHG:CHGBPM:BPPMAdapter form with the URL and port. This ensures that the necessary rest services endpoints are enabled and the csm_user and csm_user password are set.
Step 5: Verifying the integration
- Log in to BMC Helix Change Management, and go to Application Administration Console > Custom Configuration > Change Management > Advanced Options > Change CI Event Notification to BPPM > BPPM Subscription.
Click Test Connection to verify that the connectivity between BMC Helix Change Management and TrueSight Presentation Server is established.
If the connection test fails, do the following:
- Error:
400
Resolution: This error might appear if multiple entries of the CI are present in the system. See the arjavaplugin.log file or information about the error. Error:
401: Please check if you have manually change the password of default user (csm_user).
Resolution: Change the password from the CAI:AdapterConfiguration form.Error:
403
Resolution: Ensure that the CSRF filter in TrueSight Presentation Server is disabled.
- Error:
Create a change request in BMC Helix Change Management and click Submit.
Important: CI must be previously published
The CI must have been published previously from CMDB to TrueSight.
Login to the TrueSight console and verify that you have received a change event.
Log in to the TrueSight Administrator console, and verify that a blackout policy is created that is similar to the one below:
Comments
Log in or register to comment.