Chat now with support
Chat with Support

Foglight for Exchange 5.8.2 - Foglight for Office 365 User Guide

Getting started with Foglight for Office 365 Administering monitoring agents and collected data Monitoring your environment Foglight for Office 365 views

Managing certificates for FMS

Use the keytool utility shipped with Foglight to create, import, or export certificates. This utility can be found at: <foglight_home>\jre\bin\keytool.

There are two FMS running modes:

Managing certificates for FMS in non-FIPS mode

The KeyStore Foglight used under non-FIPS mode is located at: <foglight_home>/jre/lib/security/cacerts (default password: changeit)

Use the keytool command in FMS JRE located in <foglight>/jre/bin

keytool -import -trustcacerts -alias "<alias>" -file "<certificate path>" -keystore <foglight_home>/jre/lib/security/cacerts -storepass changeit

<alias>: The alias is required and is used in the list and delete operations to refer to the certificate. It can be anything.
<foglight_home>: The folder path where the Foglight is installed.
<certificate path>: Your custom certificate path.

keytool -list -keystore <foglight_home>/jre/lib/security/cacerts -storepass changeit

Remove a certificate referred to by an alias.

keytool -delete -alias <alias> -keystore <foglight_home>/jre/lib/security/cacerts -storepass changeit

Managing certificates for FMS in FIPS-compliant mode

The KeyStore Foglight used in FIPS-compliant mode is located at: <foglight_home>/config/security/trust.fips.keystore (default password: nitrogen)

Use the keytool command in FMS JRE located in <foglight>/jre/bin.

keytool -import -trustcacerts -alias "<alias>" -file "<certificate path>" -keystore "<Foglight_home>/config/security/trust.fips.keystore" -deststoretype BCFKS -provider org.bouncycastle.jcajce.provider.BouncyCastleFipsProvider -providerpath "<Foglight_home>/server/core/bc-fips.jar" -storepass nitrogen

<alias>: The alias is required and is used in the list and delete operations to refer to the certificate. It can be anything.
<Foglight_home>: The folder path where Foglight is installed.
<certificate path>: Your custom certificate path.

keytool -list -keystore "<Foglight_home>/config/security/trust.fips.keystore" -deststoretype BCFKS -provider org.bouncycastle.jcajce.provider.BouncyCastleFipsProvider -providerpath "<Foglight_home>/server/core/bc-fips.jar" -storepass nitrogen

Prints out a list of certificates and the aliases that refer to them.

Refer to the example output below:

Remove a certificate referred to by an alias.

keytool -delete -alias <alias> -keystore "<Foglight_home>/config/security/trust.fips.keystore" -deststoretype BCFKS -provider org.bouncycastle.jcajce.provider.BouncyCastleFipsProvider -providerpath "<Foglight_home>/server/core/bc-fips.jar" -storepass nitrogen

C:\Quest\Foglight\jre\bin>keytool -import -trustcacerts -alias "Evolve-Test" -file "D:/Evolve-test.crt" -keystore "C:/Quest/Foglight/config/security/trust.fips.keystore" -deststoretype BCFKS -provider org.bouncycastle.jcajce.provider.BouncyCastleFipsProvider -providerpath "C:/Quest/Foglight/server/core/bc-fips.jar" -storepass nitrogen

Owner: CN=CA, DC=ca, DC=local

Issuer: CN=CA, DC=ca, DC=local

Serial number: xxxx

Valid from: Sun Jan 06 23:07:06 CST 2019 until: Wed Apr 06 23:07:06 CST 2022

Certificate fingerprints:

...

 

Extensions:

...

Trust this certificate? [no]: yes

Certificate was added to keystore

Monitoring your environment

The Monitoring tab of the Office 365 Environment dashboard displays a summary of the Exchange Online services and the ADFS services (Active Directory® Federation Services) being monitored and their current state. It show performance and availability metrics provided by the Microsoft® Exchange online (SaaS).

This section includes the following topic:

Related Documents

The document was helpful.

Select Rating

I easily found the information I needed.

Select Rating