The following procedure outlines how to set up a secure external MySQL® database connection and verify that the MySQL® Server supports SSL encryption.
1 |
2 |
Update the MySQL configuration file (my.ini) with the new security certificate and key information by adding the following properties: |
3 |
Uncomment and set the server.database.secureconn attribute in the server.config file to true, as shown below. |
NOTE: Do not enable this option until the database server’s CA certificate is properly imported into <foglight_home>/jre/lib/security/cacerts. |
1 |
Ensure that the MySQL Server (mysqld program) for your Foglight database is running. |
2 |
Login to mysql: |
3 |
At the mysql prompt, run the following query: |
4 |
1 |
Acquire the LDAP server certificate in .pem format from the administrator. |
2 |
Import the certificate into the Management Server keystore, <foglight_home>/jre/lib/security/cacerts (default password: changeit), with the following command: |
• |
Root CA certificate: <foglight_home>\jre\bin\keytool -import -trustcacerts -alias ldapsvrcert -keystore <path_to_cacerts> -storepass changeit -file <path_to_cert_file> |
• |
Intermediate CA certificate 1: <foglight_home>\jre\bin\keytool -import -alias ldapsvrcert2 -keystore <path_to_cacerts> -storepass changeit -file <path_to_cert_file> |
• |
Intermediate CA certificate 2: <foglight_home>\jre\bin\keytool -import -alias ldapsvrcert3 -keystore <path_to_cacerts> -storepass changeit -file <path_to_cert_file> |
3 |
On the navigation panel, under Dashboards, click Administration > Users & Security > Directory Services Settings. |
4 |
You can configure Foglight to use the SSL protocol either on the Email Configuration Dashboard or by editing the related mail.use.ssl registry variable. See the Administration and Configuration Help for more information.
You can set a number of different ports using the file <foglight_home>/config/server.config, including mandatory ports required for Foglight to run.
For a list of these ports, their default values, and the configuration parameters you can use to set them in server.config, see the Administration and Configuration Help.
NOTE: In certain configurations the Management Server may use ports in addition to the ones that you set using server.config; for example, when Foglight is running in High Availability (HA) mode. See the Administration and Configuration Guide for details. |
© 2024 Quest Software Inc. ALL RIGHTS RESERVED. Terms of Use Privacy Cookie Preference Center