Foglight uses JRE TrustStore as the default TrustStore (cacerts). The default TrustStore will NOT be preserved during Foglight upgrade, but any existing certificates are retained in $fmshome/state/backup/[previous-fms-version]/jre/lib/security/cacerts.
The installation guide states that Foglight also supports a separate TrustStore which will be preserved during upgrade, but it is not possible to complete the steps provided due to errors while attempting to import certificates:
Import the certificate into the Foglight TrustStore, $fmshome/config/security/trust.keystore (default password: nitrogen)
Import fails with:
keytool error: java.io.IOException: Invalid keystore format
WORKAROUND
Make a copy of the default JRE TrustStore and place it under the $fmshome/config/security directory for Foglight to use it as the default. This will be preserved after an upgrade.
The TrustStore in use can be confirmed from the Management Server Configuration dashboard.
Note: After an upgrade the default JRE TrustStore (cacerts) may include new trusted certificate authority (CA) certificates which will not be added automatically to Foglight's TrustStore (trust.keystore).
STATUS
This issue was logged as defect FOG-5565 and has been fixed in the 6.3 and higher releases of Foglight.
© 2024 Quest Software Inc. ALL RIGHTS RESERVED. Feedback 使用条款 隐私 Cookie Preference Center