The FMS was setup secured to use the default cert (quest.com). When attempting to invoke the fglcmd command from the FMS, the ssl flag was used but the command failed with the following:
Connection problem: Could not access HTTP invoker remote service at [https://localhost:8443/foglight-sl/CommandLineService]; nested exception is javax.net.ssl.SSLHandshakeException: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target
The fglcmd utility uses the JRE to connect to the FMS. The quest.com CA authority is not installed by default in the cacerts file on the FMS.
Also is recommended to use the -ssl switch.
$FMS_HOME/jre/bin/keytool -keystore $FMS_HOME/jre/lib/security/cacerts -storepass changeit -import -alias [alias_name] -file [path_to_ca_cert_file]
Example fglcmd usage using the -srv and -ssl switches:
Ensure that fglcmd -srv switch specifies the FQDN referenced in the cert, for example:
> fglcmd -srv hostname.domain.com -ssl -usr foglight -pwd foglight -port 8443 -cmd script:run -f filename.groovy
© 2024 Quest Software Inc. ALL RIGHTS RESERVED. Terms of Use Privacy Cookie Preference Center