New Way to Manage FGLAM certificate from version 5.6.2.2 (Part 1)

We all remember back to old ago we are using JRE default keystore (CACERTS) to mange foglight certificate. Which work well however we had to remember and find way to use keytool and you could lost all you key if you upgrade your JRE without back it up.

Start from Foglight Agent Manager, we introduced the new way to manager it. Many people/Foglighter may not know it and this is purpose for this blog

Before 5.6.2.2

After 5.6.2.2

Key Store Location

$FGLHOME/jre/lib/security/cacerts

$FGLHOME/State/certificates/certificate.store

Password

changeit

random password managed by foglight

Manage tool

Keytool

Fglam building tool (command switch)

Agent Manager 5.6.2.2

Copyright (c) 2012 Quest Software Inc.

Build Number: 5622-20120217-1647-b96 (64-bit)

--add-certificate Adds the certificate file to the list of trusted certificates

in Agent Manager. The certificate will be trusted for all

SSL connections. The required argument is:

alias=/path/to/certificate/file

--delete-certificate Deletes the certificate alias from the list of trusted certificates

in Agent Manager. The certificate will no longer be

trusted for SSL connections.

--list-certificates Displays a list of certificates that have been added to

Agent Manager. Certificates that are included in the JRE

are not displayed.

-to be continued

Anonymous