Control-M/Server PACTV.9.0.20.204

BMC Software is releasing patch PACTV.9.0.20.204 to enhance Control-M/Server 9.0.20.200 for UNIX and Windows.

Enhancements

The following enhancement is included in PACTV.9.0.20.204:

CTM-4669: SSL encryption is supported between Control-M/Server running on Linux and the following database servers:

• AWS PostgreSQL Relational Database Service (RDS)
• AWS PostgreSQL Aurora 

Installing the Patch

This procedure describes how to install patch PACTV.9.0.20.204 on Linux on top of Control-M/Server 9.0.20.200.

Before You Begin

• Obtain the installation package via EPD, as described in Obtaining-Control-M-Installation-Files-via-EPD.
• Verify that your original version of Control-M/Server is 9.0.20.x.
• Verify that Control-M/Server version 9.0.20.200 is installed

Begin

1. Extract the patch installation file that you obtained into a temporary directory with the following commands:
   cd <temporary directory>
   mkdir PACTV.9.0.20.204
   cd PACTV.9.0.20.204
   gunzip -c PACTV.9.0.20.204.tar.gz | tar xvf -
2. Log in as the Control-M/Server user and navigate to the home directory.
3. Shut down both the Control-M/Server and the Control-M/Server Configuration Agent with the following commands:
   • shut_ca
   • shut_ctm

4. Run the following command:

   <temporary directory>/PACTV.9.0.20.204/install_patch.sh

5. Restart both the Control-M/Server and the Control-M/Server Configuration Agent with the following commands:
   • start_ctm
   • start_ca

Enabling SSL Encryption

This procedure describes how to enable SSL encryption after patch PACTV.9.0.20.204 is installed.

Before You Begin

• Install patch 9.0.20.204
• Download a valid AWS certificate from the AWS website and save it to a location that is accessible to the Linux machine where your Control-M/Server account is installed.

Begin

1. From the home directory, shut down both the Control-M/Server and the Control-M/Server Configuration Agent with the following commands:
   • shut_ca
   • shut_ctm

2. Run the following command:

   ~/ctm_server/exe_Linux-x86_64/DBUData/scripts/ssl_api.sh --ENABLE_SSL --DB_USER_PASSWD <password> --CERTIFICATE_FILE <certificate location>

3. Log out and log in to Control-M/Server.

4. Test the connection with the following command:
   ~/ctm_server/exe_Linux-x86_64/DBUData/scripts/ssl_api.sh --TEST_CONNECTION --DB_USER_PASSWD <password>

   If the test completed successfully, the following message appears:

   SSL is enabled
   SSL version: TLSv1.2
   Cipher: ECDHE-RSA-AES256-GCM-SHA384
   Bits: 256

5. Restart both the Control-M/Server and the Control-M/Server Configuration Agent with the following commands:
   • start_ctm
   • start_ca

Disabling SSL Encryption

This procedure describes how to disable SSL encryption before uninstalling patch PACTV.9.0.20.204.

Begin

1. From the home directory, shut down both the Control-M/Server and the Control-M/Server Configuration Agent with the following commands:
   • shut_ca
   • shut_ctm

2. Run the following command:

   ~/ctm_server/exe_Linux-x86_64/DBUData/scripts/ssl_api.sh – DISABLE

3. Log out and log in to Control-M/Server.
4. Restart both the Control-M/Server and the Control-M/Server Configuration Agent with the following commands:
   • start_ctm
   • start_ca

Uninstalling the Patch

This procedure describes how to uninstall patch PACTV.9.0.20.204 from Control-M/Server on Linux.

Before You Begin

Disable SSL encryption.

Begin

1. Log in as the Control-M/Server user and navigate to the Control-M/Server home directory.
2. Shut down both the Control-M/Server and the Control-M/Server Configuration Agent with the following commands:
   • shut_ca
   • shut_ctm

3. Run the following command:

   ${HOME}/patches/PACTV.9.0.20.204/uninstall_patch.sh
   

4. Restart both the Control-M/Server and the Control-M/Server Configuration Agent with the following commands:
   • start_ctm
   • start_ca