Configuring the Infrastructure Management Server to Oracle database communication to enable TLS 1.2

Perform the following steps to configure the Infrastructure Management Server to Oracle database communication to enable TLS 1.2 mode:

To configure the Infrastructure Management Server to Oracle database communication to enable TLS 1.2

Perform the following steps to enable the Infrastructure Management Server to Oracle database communication in TLS mode:

1. Stop the Infrastructure Management Server by running the following command:

   pw system stop
2. Go to the <Infrastructure Management Server Install Directory>\pw\pronto\conf directory, and add COMDefine oracle.jdbc.autoCommitSpecCompliant=false in the pnagentcntl.conf file.
   
   
   

3. Go to the <Infrastructure Management Server Install Directory>\pw\pronto\bin directory, and run the switchTLSMode.pl script as shown in the following code block:

   #Syntax
   perl switchTLSMode.pl -<on/off> -flow <communication channel> -dbport <Oracle Database port> -dbver <Oracle Database version>
   
   #Example
   perl switchTLSMode.pl -on -flow oracle -dbport 2484 -dbver 19C
   

   Parameter description

   The following notes describe the key parameters used in the preceding command:
   

   • -on/off: on option enables TLS mode of communication. off option disables TLS mode of communication and enables the default tcp/ssl mode of communication.
   • -flow: This variable can have two options: event_and_data, and oracle. If flow is set to oracle, the communication between the Infrastructure Management Server and the Oracle database is TLS 1.2 enabled.
   • -dbport: Specify the port number that is configured for the Oracle database communication.
   • -dbver: Specify the Oracle database version. There are two compatible Oracle database versions: 12C, 19C

4. Open the pronet.conf file in the <Infrastructure Management Server Install directory>\pw\custom\conf directory, and verify that the configuration parameters are set as shown in the following code block:

   pronet.api.database.portnum=2484
   #Configuration settings to make TLS compliant
   pronet.api.database.conntype=ssl
5. Verify that the latest oracle JDBC driver ojdbc8.jar is copied in the <Infrastructure Management Server Install directory>\pw\apps3rdparty\jdbc directory. 

6. Run the following command to verify if the Infrastructure Management server is able to establish a connection with Oracle database in TLS mode:

   #Microsoft Windows
   <Infrastructure Management Server Install directory>\pw\pronto\bin\runjava api.database.DbUpCheck
   
   #Linux
   <Infrastructure Management Server Install directory>/pw/pronto/bin/runjava api.database.DbUpCheck
   
   
   #Example output
   INFO 06/08 21:14:34 Library 600002 Setting SSL properties for Oracle database connection
   success

7. Start the Infrastructure Management Server by running the following command:

   pw system start

8. Run the following command to verify if the Infrastructure Management server is able to establish a connection with Oracle database:

   pw p l
   
   #Example Output
   BMC TrueSight Infrastructure Management Command Line Interface 2020 version 11.3.04
   
   Copyright
   1997-2020 BMC Software, Inc. as an unpublished work.  All rights reserved.
   
   Servers/Daemon Processes      
   ------------------------         
   services   15788             
   httpd    9024           
   jserver    9812      
   pronet_agent   12860       
   pronet_cntl   13364       
   tunnelproxy   14352              
   rate   10292
   Oracle  
   Running  on test-bmc-setup:2484             
   mcell    1788

   After restarting, the Infrastructure Management server status must be displayed as connected in the associated Presentation Server.

Where to go from here

For more information about how to configure other communication channels to enable TLS 1.2, see Configuring-TrueSight-Infrastructure-Management-to-enable-TLS-1-2.