IBM Tivoli Composite Application Manager for Application Diagnostics, Version 7.1.0.1

Configure components to use new keystores and certificates

Configure components to use new keystores and certificates:

  1. Modify MS_home/bin/setenv.sh. At the end of the script you will need to modify the following lines with the new keystore name, storepass, and keypass:
    KEYSTR_LOC=MS_home/etc/IBMMSStore
    KEYSTR_PASS=oakland2
    KEYSTR_KEYPASS=oakland1

  2. Modify the Visualization Engine (Application Monitor) user interface with the new keystore name, storepass and keypass. Perform the following procedure:

    1. Start the Managing Server.

    2. Log into the WAS administrative console.

    3. Click Server > Application Servers and select the server_name.

    4. In the Configuration tab, navigate to Server Infrastructure: Java and Process Management > Process Definition > Additional Properties: Java Virtual Machine > Additional Properties: Custom Properties.

    5. For the following name and value pairs, click New, enter the Name and Value, and click Apply:

      1. Set the path of the certificate to use when security is enabled for the Visualization Engine (Application Monitor) user interface:
        certificate.path=MS_home/etc/mgmttomgmt.cer

      2. Set the keystore location of the Managing Server:
        keystore.location=MS_home/etc/CyaneaMgmtStore

      3. Set the keystore password of Managing Server:
        keystore.storepass=oakland2

      4. Set the keystore key password of Managing Server:
        keystore.keypass=oakland1

      5. Set the user ID passed to the other end for authentication:
        nodeauth.userid=cyaneamgmt

    6. Restart the application server.

  3. Modify DC_home/runtime/app_server_version.node_name.server_name/custom/datacollector_custom.properties file with the new storename, storepass and keypass.

    1. Stop the instance of the application server monitored by the data collector.

    2. Go to DC_home/runtime/app_server_version.node_name.server_name/custom/ datacollector_custom.properties.

    3. Set the following property definitions:

      All the following properties are set during the installation or at configuration time. By default you do not need to do anything. You only need to change the following properties if you have changed items that the following properties are referring to. All the keywords in angle (< >) brackets need to be replaced by the appropriate value.

      • The path of the certificate to use when communicating with the data collector. This is only needed when the data collector is operating in secure mode. The delimiter must be a semicolon on all platforms certificate.path=<AM_HOME>/etc/dctomgmt.cer;<AM_HOME>/etc/dctoproxy.cer.

      • The keystore location of the data collector keystore.location=@{AM_HOME}/etc/CyaneaDCStore.

      • The keystore password of data collector server keystore.storepass=oakland94612.

      • The keystore key password of data collector server keystore.keypass=oakland94612.

    4. Start the instance of the application server that is monitored by the data collector for the property changes to take effect.

  4. Restart the Managing Server to implement the changes made to the Managing Server and data collector. See ITCAM for Application Diagnostics Managing Server Installation Guide.


Parent topic:

Keystore management and populating certificates