When monitoring connecting to a remote SQL Server PI repository SSL mode, certificates for the SQL Server PI repository database server must be imported into the keystore on the Agent Managers and FMS.
Error message: Unable to find certificate chain
DB agent manager* - the agent manager where the database agent is running.
PI agent manager** - the agent manager where the PI domain manager agent (DB_Oracle_SPI_Repository, DB_SQL_Server_SPI_Repository, SSAS_SPI_Repository) is running.
keytool -import -trustcacerts -alias {alias} -file {certificate file} -keystore {Foglight}/config/security/trust.fips.keystore -deststoretype BCFKS -provider org.bouncycastle.jcajce.provider.BouncyCastleFipsProvider -providerpath {Foglight}/server/core/bc-fips.jar -storepass nitrogen
For example:
Note: when running in federation mode, it requires importing the certificate into the keystore for both master and child Foglight server.
Windows:
certificatetool-5.9.7.10.bat --add-certificate {alias}=\path\to\certificate\file
Linux:
For example:
certificatetool-5.9.7.10.bat --add-certificate host1=c:\test.cer
The following video details the certificate installation steps.
© ALL RIGHTS RESERVED. Terms of Use Privacy Cookie Preference Center