SQL PI Repository - How to import certificates when there is a connection error for no certificates (4228724)

When monitoring connecting to a remote SQL Server PI repository SSL mode, certificates for the SQL Server PI repository database server must be imported into the keystore on the Agent Managers and FMS.

Error message: Unable to find certificate chain

DB agent manager* - the agent manager where the database agent is running.

PI agent manager** - the agent manager where the PI domain manager agent (DB_Oracle_SPI_Repository, DB_SQL_Server_SPI_Repository, SSAS_SPI_Repository) is running.

Foglight Management Server

Import the certificate into default truststore in Foglight server

1. Remote to the Foglight server and go to {Foglight}\jre\bin.
2. Start a command window.
3. Import the certificate via command:

          keytool -import -trustcacerts -alias {alias} -file {certificate file} -keystore {Foglight}/config/security/trust.fips.keystore -deststoretype BCFKS -provider org.bouncycastle.jcajce.provider.BouncyCastleFipsProvider -providerpath {Foglight}/server/core/bc-fips.jar -storepass nitrogen

For example:

Note: when running in federation mode, it requires importing the certificate into the keystore for both master and child Foglight server.

Foglight Agent Manager

Import the certificate into fogdb.store in DB agent manager and PI agent manager

1. Remote to the Foglight Agent Manager (FglAM) and go to the agent/lib folder. (i.e. {fglam_home}/agents/DB_SQL_Server/5.9.7.10-5.9.7.10-xxxx-xxxx/lib for SQL Server agent or {fglam_home}/agents/DB_Oracle/5.9.7.10-5.9.7.10-xxxx-xxxx/lib for Oracle agent.)
2. Start a command window.
3. Import the certificate via command:

• Windows:

         certificatetool-5.9.7.10.bat --add-certificate {alias}=\path\to\certificate\file

• Linux:

        For example:
        certificatetool-5.9.7.10.bat --add-certificate host1=c:\test.cer

The following video details the certificate installation steps.

Click To See Full Image.

Foglight for Databases - Importing a certificate for the SQL Server PI repository

Importing a certificate for the SQL Server PI repository https://support.quest.com/kb/326655 How to import certificates when there is a connection error for no certificates (SQL PI Repository)

Video Player is loading.

Play Video

PlaySkip BackwardSkip Forward

Mute

Current Time 0:00

/

Duration 0:00

Loaded: 0%

0:00

Stream Type LIVE

Seek to live, currently behind liveLIVE

Remaining Time -0:00

 

1x

Playback Rate

• 2x
• 1.75x
• 1.5x
• 1.25x
• 1x, selected
• 0.75x
• 0.5x

Chapters

• Chapters

Descriptions

• descriptions off, selected

Captions

• captions settings, opens captions settings dialog
• captions off, selected

Audio Track

Picture-in-PictureFullscreen

This is a modal window.

Beginning of dialog window. Escape will cancel and close the window.

Text

ColorWhiteBlackRedGreenBlueYellowMagentaCyanOpacityOpaqueSemi-Transparent

Text Background

ColorBlackWhiteRedGreenBlueYellowMagentaCyanOpacityOpaqueSemi-TransparentTransparent

Caption Area Background

ColorBlackWhiteRedGreenBlueYellowMagentaCyanOpacityTransparentSemi-TransparentOpaque

Font Size

50%75%100%125%150%175%200%300%400%

Text Edge Style

NoneRaisedDepressedUniformDrop shadow

Font Family

Proportional Sans-SerifMonospace Sans-SerifProportional SerifMonospace SerifCasualScriptSmall Caps

ResetDone

Close Modal Dialog

End of dialog window.

Close Modal Dialog

This is a modal window. This modal can be closed by pressing the Escape key or activating the close button.