To cause the Foglight Management Server to bind to a specific IP address, use the dedicated properties in the <foglight_home>/config/server.config file. For example:
server.bind.address = “192.0.2.2";
server.remote.address = “host1.example.com";
Where host1.example.com is the host name assigned to the bind address in DNS. If no DNS name is available, a raw IP address can be used in this property.
2 |
Open the file <foglight_home>/config/server.config on the Management Server machine. |
3 |
Set the java system property foglight.credentials.enc.key.size to 256 (or higher): |
4 |
If you do not choose to install Foglight in Secure Server mode, you can edit server.config after installation and manually configure Foglight to restrict the Management Server to use the HTTPS port when accessing the browser interface.
You must have a signed, valid certificate to use this HTTPS configuration. It is recommended that you obtain a valid certificate from a third party as outlined in Importing a network security certificate.
2 |
Open the file <foglight_home>/config/server.config on the Management Server machine. |
3 |
4 |
5 |
7 |
Launch the Foglight browser interface using the appropriate HTTPS URL (https://<hostname>:<https_port>) to ensure that the Management Server can be accessed using HTTPS. |
<foglight_home>/jre/bin/keytool
There are two keystores that Foglight uses:
• |
The built-in Tomcat™ keystore located at: <foglight_home>/config/tomcat.keystore (default password: nitrogen) |
• |
The Management Server keystore located at: <foglight_home>/jre/lib/security/cacerts (default password: changeit) |
1 |
Back up the existing tomcat key using the following command: |
2 |
3 |
Create a new key under the tomcat alias using the following command: |
5 |
Once you have the certificate signed, import it back to the tomcat.keystore using the following command: |
7 |
Covert tomcat.keystore from JKS format to FIPS-verified BCFKS format using the following command: |
© ALL RIGHTS RESERVED. 이용 약관 개인정보 보호정책 Cookie Preference Center