Creating and importing certificates in TrueSight Infrastructure Management

Was this page helpful? Yes No Submitting... Thank you

Comments

  1. John Conroy

    It would be useful if the "pw certificate list" command could be run without the alias parameter and return all available aliases in a keystore/truststore along with the detail as to whether an alias relates to a private key or a trusted certificate. Without this the user has to revert to using the normal keytool utility.

    Also, as far as I can tell, in 11.3 the TSIM server private key is actually called "pnca" not "tsimserver". Does this matter as I'm led to believe that in the case of an application calling to its private key reference that the name is referenced and therefore important?

    Mar 10, 2020 10:50
    1. Rashmi Gokhale

      Hi,

      I will discuss this with the SME and update you.

      Thanks,

      Rashmi

      Mar 12, 2020 12:02
      1. Rashmi Gokhale

        Hi,

        Thanks for your feedback.

        I discussed this with the SME, and have shared this information with the certificate SME (Shahezad Mirkar).

        Yes, the private key is very important. The alias name shouldn’t matter. In TSIM-IS communication, pnca is the name at the server side and pnagent is at the client side, and it follows a mutual authentication.

        Thanks,

        Rashmi

        Jul 08, 2020 04:30
  2. Thurlow Caffey

    When I ran "pw certificate import TSIM" on the secondary to import the same p7b file that I'd imported on the primary, I got the following error: "Exiting, the /usr/pw/pronto/conf/tsimSrv.key file doesn't exist.". I had to copy it over from the primary in order to get things to work. You might want to mention this up above in setting up the secondary.

    Jul 13, 2020 04:48
    1. Rashmi Gokhale

      Hi,

      Thanks for your feedback.

      We have mentioned this step in the section: To create and import the certificates for the Infrastructure Management Server deployed in high-availability  – Step 4 &5.

      Thanks,

      Rashmi

      Jul 15, 2020 01:06
  3. Thurlow Caffey

    The "pw certificate * *" command set has worked well so far in my usage. What about when things don't work well? It's great that it makes lots of backups of important files but it would be even better if the command set had an "undo" or "reverse" operator/command modifier to put things back they way they were BEFORE using a given command. CONSIDER THIS A FEATURE REQUEST PLEASE!

    Jul 13, 2020 05:17
    1. Rashmi Gokhale

      Hi,

      Thanks for your valuable feedback.

      I have shared these details with the certificate SMEs.

      Thanks,

      Rashmi


      Jul 21, 2020 12:30
  4. Thurlow Caffey

    Same thing for TSPS for the "tssh certificate * *" command set; please add an "undo" or "reverse" operator/command modifier to put things back they way they were BEFORE using a given command. CONSIDER THIS A FEATURE REQUEST PLEASE!

    Jul 13, 2020 05:20
    1. Rashmi Gokhale

      Hi,

      Thanks for your valuable feedback.

      I have shared these details with the certificate SMEs.

      Thanks,

      Rashmi

      Jul 21, 2020 12:31
  5. Thurlow Caffey

    Regarding import the other component certificates into the Infrastructure Management Server, you should state what the generally expected alias is for a component to minimize confusion and malfunction.

    Jul 20, 2020 03:33
    1. Rashmi Gokhale

      Hi,

      Thanks for your feedback.

      I will add the details and publish the document.

      Thanks,

      Rashmi

      Jul 27, 2020 04:34
  6. Thurlow Caffey

    FEATURE REQUEST: It would be highly appreciated if you could write this kind of utility for setting up certs for patrol agents and integration service nodes as well; especially when having to setup "security level 4" communications with TLS.

    Jul 24, 2020 06:43
    1. Rashmi Gokhale

      Hi,

      Thanks for your feedback.

      I have shared this feature request with the certificate SMEs.

      Thanks,

      Rashmi 

      Jul 27, 2020 04:33