Application Discovery 6.2 User Guide

D Completing certificate exchange
Introduction
NOTE: The information in this section applies only in the situation where Application Discovery
Version 4.0 agents are running on managed nodes in the monitored network. Application Discovery
4.1 and 6.x agents and servers do not require SSL certificate exchange for secure data transmission.
Application Discovery uses Secure Sockets Layer (SSL) certificates to authenticate and secure
data transmission between Application Discovery agents and the Application Discovery server.
Once Application Discovery components are installed, the accompanying certificate information
for Application Discovery server and for Application Discovery agent must be exchanged to
allow the server and agents to recognize legitimate transmissions.
Certificate exchange can be done within HP Systems Insight Manager software (HP SIM) or
from the command line on the central management server.
Using HP SIM to complete certificate exchange
1. Initiate certificate exchange by selecting Configure Insight Dynamics Agents → Exchange
AD Agent Certificates from the top menu.
2. Select the HP-UX systems where you want the exchange to occur using the HP SIM system
selection list. Click Apply.
3. Verify the system selection and click Next.
4. A description is displayed of the action about to take place. When you are sure that you
want to exchange certificates so that the Application Discovery agent can begin reporting
data to the server, click Run now to complete the certificate exchange.
NOTE: If you find that you are unable to exchange certificates from within HP SIM, check the
following:
• That you have the correct permissions associated with your login ID.
• That the targeted managed node is authorized to accept remote commands from HP SIM.
  To set the correct SSH configuration that authorizes the acceptance of remote commands,
  type the following command on the CMS:
      mxagentconfig -a -n managed_system -u login -p password
  where managed_system is the name of the target system for which you want to enable
  remote communication, login is the user name on the managed system, and password is
  the password of that user on the managed system.
Completing certificate exchange from the command line
From the command line, you can exchange certificates with one managed host at a time.
1. Log in as a privileged user on the managed system.
2. Assuming installation to default directories, type from the command line:
/opt/amgr/bin/agent_config -start
-u option supported on HP-UX only:
You might be prompted to provide a password for the specified user for the system login.
You must supply the password in order to proceed.
3. Once the login is accomplished, the CMS sends its SSL certificate to the agent on the managed
host, and the agent supplies its SSL certificate to the CMS. Application Discovery agents
can now transfer data securely to the CMS, and the CMS can authenticate the transmission.
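
The following is an added illustration, not code from Application Discovery or HP SIM. It models the outcome of step 3 under the assumption that each side pins its peer's certificate by SHA-256 fingerprint; the guide does not describe the product's actual check, and the Endpoint class, host names and certificate bytes are hypothetical, constructed values.

```python
import hashlib
import hmac
import ssl

def fingerprint(pem):
    """SHA-256 over the DER bytes inside the PEM armor."""
    return hashlib.sha256(ssl.PEM_cert_to_DER_cert(pem)).hexdigest()

def constructed_pem(label):
    # Constructed placeholder bytes in PEM armor; not a real X.509 certificate.
    return ssl.DER_cert_to_PEM_cert(b"constructed-cert:" + label)

class Endpoint:
    """Hypothetical model of one side of the exchange (CMS or agent)."""
    def __init__(self, name, pem):
        self.name, self.pem = name, pem
        self.pins = {}  # peer name -> fingerprint recorded at exchange time

    def exchange_with(self, peer):
        """Both directions: each side records the other's certificate."""
        self.pins[peer.name] = fingerprint(peer.pem)
        peer.pins[self.name] = fingerprint(self.pem)

    def accepts(self, sender, presented_pem):
        """Accept a transmission only if the presented cert matches the pin."""
        pinned = self.pins.get(sender)
        if pinned is None:
            return False  # no exchange was completed with this host
        return hmac.compare_digest(pinned, fingerprint(presented_pem))

def demo():
    cms = Endpoint("cms", constructed_pem(b"cms"))
    agent = Endpoint("node1", constructed_pem(b"node1"))
    rogue_pem = constructed_pem(b"rogue")  # claims to be node1, different cert
    before = cms.accepts("node1", agent.pem)
    cms.exchange_with(agent)
    return {
        "before_exchange": before,
        "agent_to_cms": cms.accepts("node1", agent.pem),
        "cms_to_agent": agent.accepts("cms", cms.pem),
        "same_name_other_cert": cms.accepts("node1", rogue_pem),
        "host_never_exchanged": cms.accepts("node2", agent.pem),
    }

if __name__ == "__main__":
    for check, result in demo().items():
        print(f"{check}: {result}")
```

Only the two checks made after the exchange with the genuine certificates succeed; a host that never completed the exchange, or one presenting a different certificate under a known name, is rejected.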