C:\Program Files\Hewlett Packard Enterprise\SSMC\ssmcbase\etc>”C:\Program Files\Hewlett Packard Enterprise\SSMC\jre\bin\keytool” -import -alias root -keystore keystore -trustcacerts -file rootcer.cer.
Import certs into the keystore in the following order rootca, interca then the final certificate (if you don’t have a intermediate ca don’t run that one).Import the Certificates into the Keystore Export the root ca and intermediate ca certificates and put these on the server in the ssmcbase\etc folder with the newly signed cert.Take the cert req data and get the cert signed from your CA.Noting the -ext to get the SAN into the cert req C:\Program Files\Hewlett Packard Enterprise\SSMC\ssmcbase\etc>”C:\Program Files\Hewlett Packard Enterprise\SSMC\jre\bin\keytool” -certreq -keystore keystore -alias jetty -ext SAN=dns: fqdn,ip: x.x.x.x -file newcert.txt.Substitute required info for FQDN and X and ip x.x.x.x.C:\Program Files\Hewlett Packard Enterprise\SSMC\ssmcbase\etc>”C:\Program Files\Hewlett Packard Enterprise\SSMC\jre\bin\keytool” -genkeypair -keystore keystore -alias jetty -dname “CN= FQDN, OU= X, O= X, L= X, ST= X, C= X” -keyalg RSA -ext SAN=DNS: fqdn,ip: x.x.x.x.Type the following command and substitute in the required details of IP, FQDN, OU, O,L,ST,C, these relate to Org Unit, Organisation, Location, State, Country.this gives you a roll back should you jam a finger in the door, also take a VM snapshot if you are running this on a VM.
Make sure all the keytool commands are run from : C:\Program Files\Hewlett Packard Enterprise\SSMC\ssmcbase\etc I think from another post I read that when you upgrade the SSMC version this will over-write the certificate change and you will have to do this again, i have not tested this theory yet. If you left the install path as default the below will work for you, yes you could get funky and put in path variables into windows but hey most people get lost in there too so I did this without it. You have read through the most thorough of user guides supplied by HPE on how to do this but have got lost at a few parts, well i did maybe i am just thick…Īll the tools you need to complete this task are pretty well already on the server where you installed the SSMC software. So you have installed the HPE 3PAR SSMC web management software onto a server and you now want to secure this with a signed SSL certificate.
0 kommentar(er)
