HP UX Matrix Operating EnvIronment manual Completing certificate exchange, Introduction

Page 65

D Completing certificate exchange

Introduction

NOTE: The information in this section applies only in the situation where Application Discovery Version 4.0 agents are running on managed nodes in the monitored network. Application Discovery 4.1 and 6.x agents and servers do not require SSL certificate exchange for secure data transmission.

Application Discovery uses Secure Sockets Layer (SSL) certificates to authenticate and secure data transmission between Application Discovery agents and the Application Discovery server. Once Application Discovery components are installed, the accompanying certificate information for Application Discovery server and for Application Discovery agent must be exchanged to allow the server and agents to recognize legitimate transmissions.

Certificate exchange can be done within HP Systems Insight Manager software (HP SIM) or from the command line on the central management server.

Using HP SIM to complete certificate exchange

1.Initiate certificate exchange by selecting Configure Insight Dynamics AgentsExchange AD Agent Certificates from the top menu.

2.Select the HP-UX systems where you want the exchange to occur using the HP SIM system selection list. Click Apply.

3.Verify the system selection and click Next.

4.A description is displayed of the action about to take place. When you are sure that you want to exchange certificates so that the Application Discovery agent can begin reporting data to the server, click Run now to complete the certificate exchange.

NOTE:

If you find that you are unable to exchange certificates from within HP SIM, check the following:

That you have the correct permissions associated with your login ID.

That the targeted managed node is authorized to accept remote commands from HP SIM.

To set the correct SSH configuration that authorizes the acceptance of remote commands, type the following command on the CMS:

mxagentconfig -a-nmanaged_system -ulogin -ppassword

where managed_system is the name of the target system for which you want to enable remote communication, login is the user name on the managed system, and password is the password of that user on the managed system.

Completing certificate exchange from the command line

From the command line, you can exchange certificates with one managed host at a time.

1.Log in as a privileged user on the managed system.

2.Assuming installation to default directories, type from the command line:

/opt/amgr/bin/agent_config -start

-uoption supported on HP-UX only:

You might be prompted to provide a password for the specified user for the system login. You must supply the password in order to proceed.

3.Once the login is accomplished, the CMS sends its SSL certificate to the agent on the managed host, and the agent supplies its SSL certificate to the CMS. Application Discovery agents can now transfer data securely to the CMS, and the CMS can authenticate the transmission.

Introduction 65

Page 64 Page 66
Image 65
Page 64 Page 66
Contents Application Discovery 6.2 User Guide For managed nodes Table of Contents Support and other resources Configuring the Wbem provider password Glossary Index List of Figures Application visibility selector Sort indicatorPossible values for agent state List of TablesPage Introduction Features of Application DiscoveryPage Application Discovery components Components and conceptsHow discovery works Refining Application DiscoveryUnderstand your current discovery state Discovery ratioWarm-up ratio Refine discovery by checking agent stateRefine discovery by creating application templates Understanding application templatesHow memory usage is calculated Key to the graphic is as follows Understanding server resource consumptionPage Using HP SIM to start the agent Procedures and examplesStarting the agent from the command line Starting Application DiscoveryUsing HP SIM to stop the AD agent Reconfigure a running agent from the command lineStopping the agent from the command line Checking agent stateWorking with data views Adjusting the user interfaceExplanation of agent states Set screen data refresh intervalSet number of table rows Set general visibilitySet color theme Filter data in view tables Change the data viewSort data in view tables Navigate between views Other controls available from right-clicking on a view tableSet visibility for matched applications Set visibility for hosts on Application Discovery screensSetting data polling interval Setting event attributesIntroduction to event settings in Application Discovery Modifying the maximum size of an event listSetting alert location Setting event severityChange application template values Managing application templatesFind an application template Create a new template Key to application template values Constructing regular expressions Application identity Session Separation rule fields and their descriptionsCreate a process aggregation rule Create an application template ruleAggregation rule fields and their descriptions Managing application templates Example of a nested template aggregation rule Managing application templates Understanding the tables that show unmatched processes How to remove types from the aggregation ruleCheck unmatched processes to find application candidates Filling in the template separation rule fields Filling in the system scope fields using table dataFilling in the aggregation rule fields using table data Prerequisites Create an application workload in Virtualization ManagerCreate Monitored Workload Definition screen reopens Backing up Application Discovery filesPage Errors in installation TroubleshootingApplications not visible in Application Discovery screens Data missing in Application Discovery screensData missing in Application Discovery screens Host not visible in Application Discovery screens Check that SSH is configured correctly on the managed node# cd /.ssh /* rootuserhomedirectory/.ssh Packages not visible in Application Discovery screens Application Discovery may not be correctly configuredCheck that the host is known to Application Discovery Check that the Application Discovery agent is running UI Unable to connect to servermessages Errors in Application Discovery user interface operationJava UI exception message displays To list the AD agent package installed on the machine, then Page Contacting HP Support and other resourcesRelated information Application Discovery resourcesPage Page Options Amgrd= Logtrace InstallationAuthors Agentconfig Check agent state Event types Key to event attributesEvent viewing locations Event severity typesAdditional event types specific to Application Discovery Table C-1 Error messages seen when trying to log Error messagesPage Completing certificate exchange from the command line Using HP SIM to complete certificate exchangeCompleting certificate exchange IntroductionCompleting certificate exchange Credentials Configuring the Wbem provider passwordPage Agent GlossaryManaged SSL Wbem Index Admin/Config tabClear filter menu pick Group option Defining an application template rule AD Agents, 13
Top Page Image Contents