Limited supportBMC provides limited support for this version of the product. As a result, BMC no longer accepts comments in this space. If you encounter problems with the product version or the space, contact BMC Support.BMC recommends upgrading to the latest version of the product. To see documentation for that version, see BMC AMI Ops Monitor for Java Environments 4.1.

Creating SSL members

You can create SSL members when you create or edit a target definition. Alternatively, you can create an SSL member at any time by using a global line command, as explained in the following procedure. 

  1. From any MainView for Java Environments view, type ADDSEC on the COMMAND line.The Create Security Member Dialog is displayed.

                             Create Security Member Dialog
      COMMAND ===>                                              SCROLL ===> PAGE  
                                                                         MORE: +  
      Security Information                                                        
                                                                                 
      Description     JMX Security Definition                                     
                                                                                 
      Member Suffix   NO   Suffix                                                 
      SSL Enabled     N    SSL to remote JVM                                      
      Password Auth   N    Password Check                                         
      Client Auth     N    Client must Auth                                       
      SSL Debug       N    SSL Debug Info                                         
                                                                                 
      Keystore                                                                    
                                                                                 
      Key Password                                                                
      Key Type                                                                    
                                                                                 
      Truststore                                                                  
                                                                                 
      Trust Password                                                              
      Trust Type

  2. Complete the fields as described in the following table:

    Field

    Default value

    Description

    Description=description

    No default

    Description of the SSL member

    Member Suffix=xx

    xx

    Suffix for the new SSL member

    Define a two-character number or alphanumeric suffix.

    SSL Enabled=[YES | NO]

    N

    Whether the target JVM requires SSL security for the connection

    Password Auth=[YES | NO]

    N

    Whether to enable password checking at the client

    Client Auth=[YES | NO]

    N

    Whether the target JVM requires SSL client authentication

    SSL Debug=[YES | NO]

    N

    Whether to create debug information on connection communications

    Keystore=keystorePath

    No default

    USS path to a keystore for SSL handshaking

    When the target JVM requires SSL security (SSL Enabled=YES), the implementation of SSL security is either Java SSL (JSSE) or RACF SSL.

    Valid values are as follows:

    • Java SSL (JSSE) –  the file path of the keystore
    • RACF SSL –  the name of the RACF keyring 

    Key Password=keystorePassword

    No default

    Password for the specified keystore

    Key Type=keystoreType

    No default

    Type of keystore

    Valid values are:

    • Java SSL (JSSE) –  JKS
    • RACF SSL –  JCERACFKS 

    Truststore=truststorePath

    No default

    USS path to a truststore for SSL handshaking

    When the target JVM requires SSL security (SSL Enabled=YES), the implementation of SSL security is either Java SSL or RACF SSL.

    Valid values are as follows: 

    • Java SSL (JSSE) –  the file path of the truststore
    • RACF SSL –  the name of the RACF keyring

    Trust Password=truststorePassword

    No default

    Password for the specified truststore

    Trust Type=truststoreType

    No default

    Type of truststore

    Valid values are:

    • Java SSL (JSSE) –  JKS
    • RACF SSL –  JCERACFKS
  3. On the COMMAND line, enter SAVE.

Related topic

Setting-up-JVM-targets-individually

Using


 

Tip: For faster searching, add an asterisk to the end of your partial query. Example: cert*