Implementing certificates in TrueSight Operations Management using scripts
Supported with 11.3.02 and later
- The CLI commands to create and import certificates is supported only with:
- TrueSight Presentation Server version 11.3.02 and later
- TrueSight Infrastructure Management server version 11.3.02 and later
- TrueSight Integration Service version 11.3.02 and later
- The CLI commands to create and import certificates can be used only if you have root, intermediate, and server certificates. If you do not have all the 3 certificates, then manually create and import signed certificates. For details, Implementing private certificates in TrueSight Operations Management .
Security certificates play a significant role in securing the TrueSight Operations Management environment. You must create and apply a security certificate on your server to initiate a secure session with the browsers. After a successful implementation of the security certificate, you can observe that the HTTP changes to HTTPS format on your browser address bar, as shown in the following screenshot:
Deploying signed certificates in TrueSight Operations Management environment involves tasks such as creating a private key pair, generating a certificate signing request (CSR), sending the CSR to the Certificate Authority (CA) of your organization for signing, and importing the signed certificates into the component's keystores/truststores. Presentation Server and the Infrastructure Management server provides set of CLI commands that helps you as an administrator to deploy certificates easily and quickly.
The following procedures guide you to create and import certificates for the following TrueSight Operations Management components using the CLI commands:
Component | For detailed steps, see: |
---|---|
TrueSight Presentation Server | Using the
For details, see Create and import signed certificates in TrueSight Presentation Server |
TrueSight Infrastructure Management Server | Using the
For details, see Create and import signed certificates in TrueSight Infrastructure Management Server |
TrueSight Integration Service | Using the |
Where to go from here
Manually create and import signed certificates for the other TrueSight Operations Management components. For details, see Implementing private certificates in TrueSight Operations Management.
Comments
A summary of the aliases used for private keys and public, trusted certs for each component would be useful. As I understand it, and I may be wrong, it is important that the private key alias matches exactly what and individual TSOM component is expecting but the trusted cert alias name is more for user readability. These alias names seem to change between product versions so older docs can cause great confusion.
Hi,
I will discuss this with the SME and update you.
Thanks,
Rashmi
Hi,
I discussed this with the SME, and following is the summary of the discussion:
Yes, the private key alias must exactly match as expected by the TSOM component.
Alias name depends on the end-user and may vary depending on the end-user choice of names and environments.
A list of alias names may give an impression that they must be named as documented.
Log in or register to comment.