Use the keytool command to update the IBM Spectrum®
Control data collector trusted certificates after you
replace the default SSL certificate for the IBM Spectrum
Control Device server.
If you replace the default SSL certificate for the IBM Spectrum
Control Device server, you must update the IBM Spectrum
Control data collector trusted certificates or else
the data collector does not communicate properly with the Device server.
-
Log on to the server where IBM Spectrum
Control is
installed. Ensure that you log on with the appropriate user privileges.
-
Stop the Device server.
-
Open the
/jre/bin directory where IBM Spectrum
Control is installed.
-
Enter the following command to export the default SSL certificate from the Device server
keystore.
For Windows™ operating system, enter the following
command:
keytool.exe -exportcert -alias default
-keystore "installation_dir\wlp\usr\servers\deviceServer\resources\security\key.p12" -storetype pkcs12
-storepass device_server_keystore_password -file deviceServer.cert
Where
device_server_keystore_password is the Device server keystore password and
the default value for this password is
default.
For AIX® or Linux®
operating system, enter the following
command:
./keytool -exportcert -alias default
-keystore installation_dir/wlp/usr/servers/deviceServer/resources/security/key.p12 -storetype pkcs12
-storepass device_server_keystore_password -file deviceServer.cert
Where
device_server_keystore_password is the Device server keystore password and
he default value for this password is
default.
- Enter the following command to delete the previous IBM Spectrum
Control Device server SSL certificate from the
IBM Spectrum
Control data collector trusted
certificates.
For Windows operating system, enter the following command:
keytool.exe -delete -alias deviceServer -keystore "installation_dir\jre\lib\security\cacerts" -storepass
data_collector_keystore_password
Where data_collector_keystore_password is the IBM Spectrum
Control data collector keystore password and the
default value for this password is changeit.
For AIX or Linux operating system, enter the following command:
./keytool -delete -alias deviceServer -keystore installation_dir/jre/lib/security/cacerts
-storepass data_collector_keystore_password
Where data_collector_keystore_password is the IBM Spectrum
Control data collector keystore password and the
default value for this password is changeit.
-
Enter the following command to add the default SSL certificate from the IBM Spectrum
Control Device server to the IBM Spectrum
Control data collector trusted certificates.
For Windows operating system, enter the following
command:
keytool.exe -importcert -noprompt -trustcacerts -alias deviceServer -file deviceServer.cert
-keystore "installation_dir\jre\lib\security\cacerts" -storepass data_collector_keystore_password
Where
data_collector_keystore_password is the
IBM Spectrum
Control data collector keystore password and the
default value for this password is
changeit.
For AIX or Linux operating system, enter the
following
command:
./keytool -importcert -noprompt -trustcacerts -alias deviceServer -file ./deviceServer.cert
-keystore installation_dir/jre/lib/security/cacerts -storepass data_collector_keystore_password
Where
data_collector_keystore_password is the
IBM Spectrum
Control data collector keystore password and the
default value for this password is
changeit.
-
Start the Device server.