communications (that is, server public certificate distributed to the client; client public certificate distributed to the server). The default locations for the generated key files are:

For VM or vPar Hosts: /etc

For VM or vPar guests:

HP-UX: /opt/hp/cmappserver

Key generation on the VM or vPar Host

The following three commands must be executed on one VM or vPar Host to generate the client.private, client.public and temp.key security keys by using the keytool program.

For more information on these commands, see http://java.sun.com/j2se/1.4.2/docs/tooldocs/ solaris/keytool.html.

These commands create default key names and locations to successfully configure application monitoring.

HP Serviceguard commands control the startup and shutdown of the packaged VM or vPar guest.

NOTE: Create and set the current directory (that is, HP-UX cd command) to /etc/cmcluster/cmappmgr before executing these commands.

a.keytool -genkey -alias clientprivate -keystore client.private -storepass clientpw -keypass clientpw -validity 400

WARNING! On Linux systems, you might face problems while generating keys and using the “gcj” version of Java, such as “jre-1.4.2-gcj”. If this problem occurs, you must use another version of Java™ and the associated keytool.

NOTE:

This command prompts for a user name, organization, and physical location information to document the use of the key.

The —validityparameter is used to specify the number of days a key is valid. This does not affect private keys but is still a required parameter.

b.keytool -export -alias clientprivate -keystore client.private -file temp.key -storepass clientpw

c.keytool -import -noprompt -alias clientpublic -keystore client.public -file temp.key -storepass public

Key generation on the VM or vPar guest

The following three commands must be executed on each VM or vPar guest to generate the server.private, server.public and temp.key security keys. Set the current directory to /opt/hp/cmappserver on HP-UX/Linux guests before running these commands.

a.keytool -genkey -alias serverprivate -keystore server.private -storepass serverpw -keypass serverpw -validity 400

NOTE: This command prompts for a user name, organization and physical location information to document the use of the key.

b.keytool -export -alias serverprivate -keystore server.private -file temp.key -storepass serverpw

c.keytool -import -noprompt -alias serverpublic -keystore server.public -file temp.key -storepass public

23

Page 23
Image 23
HP Serviceguard Toolkit for Integrity Virtual Servers HP-UX /opt/hp/cmappserver, Key generation on the VM or vPar guest