Return
-
Title
WinRM and VMWare - How to import certificates when there is a connection error for no certificates -
Description
When monitoring remote systems in SSL mode, certificates for the remote server must be imported into the keystore on the Agent Manager. -
Resolution
Installing HTTPs certificates
In environments where an in-house certificate granting authority (CA) is in use, the CA’s certificate must be added to the Agent Manager’s trust keystore. The Agent Manager then assumes that the authority, and any signed certificates it issues, are trusted.
To add a certificate to the keystore:- Ensure that the Agent Manager is running.
- Launch a command shell on the Agent Manager machine, and navigate to the /bin directory.
- Issue the following command:
fglam --add-certificate alias=/path/to/certificate/file
If the import succeeds, the Agent Manager automatically recognizes and uses the certificate.
Note: For how to configure WinRM? Refer to "Manually configuring WinRM HTTP access" section in the Technical Documentation
Note: To make the WinRm connection be FIPS compliant, it requires to disable the DCOM, WinRm HTTP listener on the target host, only the WinRM HTTPs listener allowed.
-
Defect ID
FOM-182