Chatee ahora con Soporte

Obtener ayuda en vivo
Completar registro

Iniciar sesión

Solicitar precios

Comuníquese con Ventas

Foglight 5.9.7 - Installing Foglight on Windows with an External MySQL Database

Navegación de contenido

Before Installing Foglight

What is Foglight? Hardware requirements and guidelines Planning your installation

High Availability mode

Considerations for running the Management Server in HA mode

Using an external database Licensing Installation modes

Console mode Silent mode

Installing Foglight

Preparing to install Installing a new version of the Management Server

Step 1: Introduction

Step 1: Introduction Step 2: Transaction Product Agreement Step 3: Select installation type Step 4: Choose installation folder Step 5: Choose shortcut location Step 6: Foglight service Step 7: Pre-installation summary Step 8: Installing Foglight Step 9: Foglight administrator password Step 10: Foglight mode Step 11: FIPS Compliance mode Step 12: Foglight repository database type Step 13: Foglight ports configuration Step 14: Add Foglight license file Step 15: Add Foglight to system service Step 16: Foglight server startup Step 17: Install complete

Foglight Server Startup page Next steps External MySQL database access for remote users

Executing the Grant All On Query script

Embedded Agent Manager

Installed directories Foglight settings

Editing the server.config file Enabling High Availability mode after installation Changing external database credentials Importing self-signed certificates to Foglight TrustStore

Non-FIPS mode FIPS-compliant mode

Setting up an encrypted database connection with SSL Setting up an encrypted LDAP connection with SSL Using encryption when sending email from Foglight Configuring ports Configuring the cluster multicast port used in High Availability mode Setting up Foglight server federation Setting the SQL Parser properties Setting memory parameters for the server

Process heap use

Adding command-line options Binding the Management Server to an IP address Configuring Foglight to use stronger encryption Configuring Foglight to use the HTTPS port

Importing a network security certificate Importing a PKCS #12 (pfx) format certificate

Setting the length of Foglight sessions

HP patch checking tool Uninstalling Foglight Upgrading the Management Server Installing Foglight FAQ

Running the Management Server

Manual database configuration

Option 1 - Run the Foglight database tool to configure the database Option 2 - Run SQL scripts to configure the database

Initializing and tuning the database

Initializing the database Tuning an external MySQL database for Foglight

Starting and stopping the Management Server

Starting the Management Server Running the Management Server as a Windows service

Using the Start Menu options Using the command line

Stopping the Management Server Starting and stopping the Management Server in High Availability mode

Logging in to Foglight

Monitoring the Management Server host Next steps

Migrating data from an existing database Running the Management Server FAQ

Installing and Upgrading Cartridges Installing Agents

Agent installers Remote agent installation

FIPS-compliant mode

In FIPS-compliant mode, it is required to use FIPS-validated KeyStore type BCFKS.

Import the certificate into the Foglight default TrustStore in FIPS-compliant mode, <foglight_home>\config\security\trust.fips.keystore (default password: nitrogen) with the following command:

<foglight_home>\jre\bin\keytool -import -trustcacerts -alias <alias_of_cert> - file <path_to_cert_file> -keystore <foglight_home>\config\security\trust.fips.keystore -deststoretype BCFKS - provider org.bouncycastle.jcajce.provider.BouncyCastleFipsProvider -providerpath <foglight_home>\server\core\bc-fips.jar -storepass <store_pwd>

Setting up an encrypted database connection with SSL

Setting up an encrypted database connection with SSL

The following procedure outlines how to set up a secure external MySQL® database connection and verify that the MySQL® Server supports SSL encryption.


	NOTE: This procedure must be performed after installation but before you start the Management Server.

To set up an encrypted external MySQL database connection with SSL:

1

Import a CA certificate into the Management Server keystore (cacerts) as outlined in Importing a network security certificate.

2

Update the MySQL configuration file (my.ini) with the new security certificate and key information by adding the following properties:

•

ssl-ca=<cacert.pem>

•

ssl-cert=<server-cert.pem>

•

ssl-key=<server-key.pem>

3

Uncomment and set the server.database.secureconn attribute in the server.config file to true, as shown below.

server.database.secureconn = "true";


	NOTE: Do not enable this option until the database server’s CA certificate is properly imported into <foglight_home>\jre\lib\security\cacerts.

4

Start the database.

5

Start the Management Server.

To verify whether the MySQL Server (mysqld) supports SSL connections:

1

Ensure that the MySQL Server (mysqld program) for your Foglight database is running.

2

Log in to mysql:

mysql --host <hostname> –port=<mysql_db_port_number> –user=<mysql_user> --password=<mysql_user_passwword>

3

At the mysql prompt, run the following query:

show variables like 'have_ssl'

4

The output shows the variable have_ssl with a value of either YES or DISABLED.

If the value is YES, the MySQL® Server supports SSL connections. If the value is DISABLED, the MySQL Server supports SSL connections but was not started with the appropriate SSL command options (-ssl-<option_name>=<value>). See the MySQL documentation for more information about these options.

Setting up an encrypted LDAP connection with SSL

Use the following instructions if you need to encrypt communication between the Management Server and the LDAP server.

To encrypt communication between Management Server and LDAP:

1

Acquire the LDAP server certificate in .pem format from the administrator.

2

Import the certificate into the Management Server keystore, see Importing self-signed certificates to Foglight TrustStore .


	NOTE: In addition to the Root CA certificate, there may be one or more intermediate CA certificates. If so, make sure to import the Root CA certificate and all intermediate CA certificates in sequence.

3

On the navigation panel, under Dashboards, click Administration > Users & Security > Directory Services Settings.

4

Under LDAP Locations, click Edit.

5

Specify the LDAP server URL in the following format:

ldaps://ldap_server_host_name:636


	NOTE: The port number for LDAP over SSL is usually 636. Confirm the exact port number with your LDAP server administrator.

6

Restart the Management Server.

Using encryption when sending email from Foglight

You can use encryption when sending email from Foglight. To do so, you must enable Foglight to use the SSL protocol and configure the mail server used by Foglight to use an SSL certificate that is not self-signed.

You can configure Foglight to use the SSL protocol either on the Email Configuration Dashboard or by editing the related mail.use.ssl registry variable. See the Administration and Configuration Help for more information.

See the documentation for your mail server for information about configuring it to use an SSL certificate.

Documentos relacionados

The document was helpful.

Seleccionar calificación

I easily found the information I needed.

Seleccionar calificación

© 2024 Quest Software Inc. ALL RIGHTS RESERVED. Términos de uso Privacidad Cookie Preference Center