Importing certificates into the Common Services truststore

Ops Center Installation and Configuration Guide

Version
11.0.x
Audience
anonymous
Part Number
MK-99OPS001-23

Import the root certificate of the server certificate for Common Services and for each product into the Common Services truststore. If the system is linked with an Active Directory, LDAP, or identity provider server, you can also import the root certificates of these server certificates.

Transfer the certificates to the management server in a secure manner.

  1. Log in to the management server as the root user.
    If you log in as an ordinary user, use the sudo command to complete the following procedure as the root user.
  2. Run the following command to import the root certificate of the server certificate for Common Services into the truststore.

    In some cases, the certificate might already be imported.

    Format
    keytool -importcert -alias alias-name -keystore path-to-truststore-file -file path-of-the-certificate-to-be-imported
    Options
    -alias alias-name
    Specify the name so that the certificate can be identified in the truststore.
    -keystore path-to-truststore-file

    Specify the following absolute path as the path to the truststore file:

    /var/installation-directory-of-Common-Services/tls/cacerts

    For example, for an OVA install uses the following file:

    /var/opt/hitachi/CommonService/tls/cacerts

    Note: When you run the command, you will be asked to enter a password. The default password for the truststore is changeit. We recommend that you change the password.
    -file path-of-the-certificate-to-be-imported
    Specify the absolute path of the certificate to import.
  3. In the same way, import the root certificate of the server certificate for each product into the truststore.
  4. When you use LDAPS for communication with the Active Directory or LDAP server, import the root certificate of the server certificate for the Active Directory or LDAP server.
  5. If you link Common Services with an identity provider, import the root certificate of the server certificate for the identity provider server.
  6. Restart the Common Services service and the services for each product.
    For details on how to restart the Common Services service, see Starting or stopping the Common Services service. For details on how to restart the service of each product, see the documentation for each product.