IBM Tivoli Composite Application Manager for Application Diagnostics, Version 7.1.0.1

Configure components to use new keystores and certificates

Configure components to use new keystores and certificates:

  1. Modify MS_home/bin/setenv.sh. At the end of the script you will need to modify the following lines with the new keystore name, storepass, and keypass:
    KEYSTR_LOC=MS_home/etc/IBMMSStore
    KEYSTR_PASS=oakland2
    KEYSTR_KEYPASS=oakland1

  2. Modify the ITCAM for Application Diagnostics Managing Server with the new keystore name, storepass and keypass. Perform the following procedure:

    1. Start the Managing Server and the ITCAM for Application Diagnostics Managing Server. See Start the Managing Server.

    2. Log into the IBM WAS administrative console.

    3. Depending on your application server version, complete one of the following options:


      Navigation to JVM custom properties in the IBM WAS administrative console

      IBM WAS 6

      1. Click Server > Application Servers and select the server_name.

      2. In the Configuration tab, navigate to Server Infrastructure: Java and Process Management > Process Definition > Additional Properties: Java Virtual Machine > Additional Properties: Custom Properties.

    4. For the following name and value pairs, click New, enter the Name and Value, and click Apply:

      1. Set the path of the certificate to use when security is enabled for the ITCAM for Application Diagnostics Managing Server:
        certificate.path=MS_home/etc/mgmttomgmt.cer

      2. Set the keystore location of the Managing Server:
        keystore.location=MS_home/etc/CyaneaMgmtStore

      3. Set the keystore password of Managing Server:
        keystore.storepass=oakland2

      4. Set the keystore key password of Managing Server:
        keystore.keypass=oakland1

      5. Set the user ID passed to the other end for authentication:
        nodeauth.userid=cyaneamgmt

    5. Restart the application server.

  3. Modify DC_home/runtime/app_server_version.node_name.server_name/datacollector.properties file with the new storename, storepass, and keypass details.

    1. Stop the instance of the application server monitored by the data collector.

    2. Go to DC_home/runtime/app_server_version.node_name.server_name/datacollector.properties.

    3. Set the following property definitions:

      All the following properties are set during the installation or at configuration time. By default you do not need to do anything. You only need to change the following properties if you have changed items that the following properties are referring to. All the keywords in angle (< >) brackets need to be replaced by the appropriate value.

      • The path of the certificate to use when communicating with the data collector. This is only needed when the data collector is operating in secure mode. The delimiter must be a semicolon on all platforms certificate.path=<AM_HOME>/etc/dctomgmt.cer;<AM_HOME>/etc/dctoproxy.cer.

      • The keystore location of the data collector keystore.location=@{AM_HOME}/etc/CyaneaDCStore.

      • The keystore password of data collector server keystore.storepass=oakland94612.

      • The keystore key password of data collector server keystore.keypass=oakland94612.

    4. Start the instance of the application server that is monitored by the data collector for the property changes to take effect.

  4. Restart the Managing Server to implement the changes made to the managing server and data collector:

    1. If it is not already stopped, stop the Managing Server. See Stop the Managing Server.

    2. Start the Managing Server. See Start the Managing Server.


Parent topic:

Keystore management and populating certificates

+

Search Tips   |   Advanced Search