Use the information in this topic to enable security for the communication between the following channels:
To successfully integrate the Infrastructure Management server and the IT Data Analytics, you must import the Infrastructure Management server cell certificate into the truststore of IT Data Analytics. The following section describes the steps in detail.
IT Data Analytics components communicate with the Infrastructure Management server cell to collect event data into IT Data Analytics and analyze it. Ensure that the Infrastructure Management server cell certificate is imported into the truststore of each of the following components of IT Data Analytics if they are installed on separate host computers.
If custom jre is used, use the cacerts located in the $JAVA_HOME/jre/lib/security/cacerts directory path.
Note
In the preceding directory path, $JAVA_HOME is set to point to the jre location that is used by the KM.
Search components: You need to import the Infrastructure Management server cell certificate into the cacerts truststore of all search components, if they are installed on separate host computers. The cacerts is located in the <ITDA installation directory>\jre\lib\security\cacerts directory location.
Standalone IT Data Analytics server: If collection station, collection agent, search components, and KM Agent are all installed on a single host computer, then import Infrastructure Management server cell certificate into the cacerts truststore located in <ITDA installation directory>\jre\lib\security\cacerts directory location.
Perform the following sequence of steps to import Infrastructure Management server cell into each of the preceding IT Data Analytics components:
The keytool utility that is used to import the certificate is present in the <IT Data Analytics Installation Directory>\jre\bin directory. Add this directory path to the PATH environment variable by running the following command:
#Microsoft Windows
set PATH=<IT Data Analytics Installation Directory>\jre\bin;%PATH%
#Unix
export PATH=<IT Data Analytics Installation Directory>/jre/bin:$PATH
Navigate to the directory where the cacerts truststore file is located.
Take a backup of cacerts file and name it as cacerts-update.
Copy the Infrastructure Management server cell certificate to this directory.
List all the keys in the cacerts-update truststore by running the following command:
keytool -list -keystore cacerts-update -storetype JKS -storepass changeit
Note
changeit is the default password for the cacerts-update truststore.
Delete the existing certificate alias from the cacerts-update by running the following command:
keytool.exe -delete -alias bmcitdacell -keystore cacerts-update -storepass changeit
bmcitdacell is the default cell certificate alias name in the cacerts-update truststore. If the existing certificate alias name is different, use that name accordingly in the preceding command. If you don't have an existing certificate alias in the truststore, you can ignore this step and proceed to the next step.
Import the Infrastructure Management server cell certificate into the cacerts-update truststore by running the following command:
keytool -importcert -keystore cacerts-update -file mcell.crt -alias bmcitdacell -storepass changeit
Note
mcell.crt: Name of the Infrastructure Management server cell certificate.
Verify that the certificate is successfully imported into the truststore by running the following command:
keytool -list -v -keystore cacerts-update -storepass changeit
Navigate to the directory where the cacerts file is located.
Microsoft windows: <ITDA installation directory>\jre\lib\security\cacerts
Rename the cacerts file to cacerts.orig
Restart the host computer.