Configuring the Infrastructure Management Server to Presentation Server communication to enable TLS 1.2

Perform the following steps to configure the Infrastructure Management Server to the Presentation Server communication to enable TLS 1.2 mode:

• Step 1: To configure the Presentation Server
• Step 2: To configure the Infrastructure Management Server
• Step 3: To start the servers
• Step 4: To register the Infrastructure Management Server with the Presentation Server

To configure the Presentation Server

To configure the Infrastructure Management Server

1. Navigate to the <Infrastructure Management Server Install Directory>\pw\wildfly\store directory location.
2. Open the ssl.activemq-rar.rar file and extract the amq-broker-config.xml file.
3. Take a backup of the amq-broker-config.xml file.

4. (Optional - If using a non-default JMS port) By default, the URI attribute of transportConnector property is set to the port number 8093. If a different JMS port is configured, then update the property in the amq-broker-config.xml file as shown in the following example.

   

   Note

   In the example, transportConnector is set to port number 8096.

5. After the change, save the amq-broker-config.xml file and add it to the ssl.activemq-rar.rar file in the <Infrastructure Management Server Install Directory>\pw\wildfly\store directory again.

6. Navigate to the <Infrastructure Management Server Install Directory>\pw\pronto\bin directory, and run the switchTLSMode.pl script as shown in the following code block:

   #Syntax perl switchTLSMode.pl -<on/off> -flow <communication channel> -tsps <TrueSight Presentation Server name>
   
   #Example
   perl switchTLSMode.pl -on -flow event_and_data -tsps myserver.bmc.com

   Parameter description

   The following notes describe the key parameters used in the preceding command:
   

   • -on/off: on option enables TLS mode of communication. off option disables TLS mode of communication and enables the default tcp/ssl mode of communication.
   • -flow: If the flow is set to event_and_data, the communication between the Infrastructure Management Server and the Presentation Server is TLS 1.2 enabled.
   • TrueSight Presentation Server name: This is the fully qualified domain name (FQDN) of the computer where the Presentation Server is installed.
   • -h: This is an optional parameter, it displays the help for the the switchTLSMode.pl command

To start the servers

To register the Infrastructure Management Server with the Presentation Server

1. Ensure that all the processes of the Infrastructure Management Server are up by running the following command:

   pw p l
2. Register the Infrastructure Management Server with the Presentation Server. For more information, see Registering-the-components-with-the-Presentation-Server.

Where to go from here

For more information about how to configure other communication channels to enable TLS 1.2, see Configuring-TrueSight-Infrastructure-Management-to-enable-TLS-1-2.