Chat now with support
Chat mit Support

Foglight 6.1.0 - Installing Foglight on Windows with an External MySQL Database

Before Installing Foglight Installing Foglight
Preparing to install Installing a new version of the Management Server Installed directories Foglight settings HP patch checking tool Uninstalling Foglight Upgrading the Management Server Installing Foglight FAQ
Running the Management Server Installing and Upgrading Cartridges Installing Agents

Non-FIPS mode

In non-FIPS mode, to be compatible with former Foglight versions, Foglight uses JRE TrustStore as the default TrustStore. The default TrustStore will NOT be preserved during Foglight upgrade. Foglight also support a separate TrustStore, which will be preserved during upgrade. Choose the one that best suits your needs:

Option 1: Import the certificate into the embedded JRE TrustStore, <foglight_home>\jre\lib\security\cacerts (default password: changeit), with the following command:
<foglight_home>\jre\bin\keytool -import -file <path_to_cert_file> -alias <alias_of_cert> -keystore <foglight_home>\jre\lib\security\cacerts -storepass <store_pwd>
1
Prepare TrustStore: copy <foglight_home>\config\security\trust.keystore.sample to <foglight_home>\config\security\trust.keystore
2
Import the certificate into the Foglight TrustStore, <foglight_home>\ config\security\trust.keystore (default password: nitrogen), with the following command:

FIPS-compliant mode

In FIPS-compliant mode, it is required to use FIPS-validated KeyStore type BCFKS.

Import the certificate into the Foglight default TrustStore in FIPS-compliant mode, <foglight_home>\config\security\trust.fips.keystore (default password: nitrogen) with the following command:

Setting up an encrypted database connection with SSL

The following procedure outlines how to set up a secure external MySQL® database connection and verify that the MySQL® Server supports SSL encryption.

2
Update the MySQL configuration file (my.ini) with the new security certificate and key information by adding the following properties:
3
Uncomment and set the server.database.secureconn attribute in the server.config file to true, as shown below.
1
Ensure that the MySQL Server (mysqld program) for your Foglight database is running.
2
3
At the mysql prompt, run the following query:
4
The output shows the variable have_ssl with a value of either YES or DISABLED.
If the value is YES, the MySQL® Server supports SSL connections. If the value is DISABLED, the MySQL Server supports SSL connections but was not started with the appropriate SSL command options (-ssl-<option_name>=<value>). See the MySQL documentation for more information about these options.

Setting up an encrypted LDAP connection with SSL

Use the following instructions if you need to encrypt communication between the Management Server and the LDAP server.

1
Acquire the LDAP server certificate in .pem format from the administrator.
3
On the navigation panel, under Dashboards, click Administration > Users & Security > Directory Services Settings.
Verwandte Dokumente

The document was helpful.

Bewertung auswählen

I easily found the information I needed.

Bewertung auswählen