Install Guide
NOTE: To successfully use openwsmand and sfcbd services on systems running the SUSE Linux Enterprise Server operating
system, use the following commands:
• openwsmand
#grep openwsmand /var/log/audit/audit.log | audit2allow -M mypol
#semodule -i mypol.pp
• sfcbd
#grep sfcbd /var/log/audit/audit.log | audit2allow -M mypol
#semodule -i mypol.pp
Related Links:
Installing Managed System Software on Supported Linux and VMware ESX
Creating Server Certicate For WSMAN
You can either create a new certicate for WSMAN or reuse an existing certicate.
Creating A New Certicate
You can create a new server certicate for WSMAN by executing the owsmangencert.sh script located at /etc/openwsman. This script is
provided by the openwsman RPM. Follow the steps in the wizard to create the server certicate.
Reusing An Existing Certicate
If you have a self-signed or CA-signed certicate, you can use the same certicate for the openwsman server by updating the
ssl_cert_file and ssl_key_file values, grouped under [server] tag, in /etc/openwsman/openwsman.conf with the existing
certicate values.
Conguring CRL For The openwsman Client
You need to congure the Certicate Revocation List (CRL) used by Server Administrator Web Server. To do this:
1 Mention a valid CRL le in /etc/openwsman/openwsman_client.conf.
2 If left blank, the CRL check is ignored.
NOTE
: CRL support is only present on SUSE Linux Enterprise Server version 11 and Red Hat Enterprise Linux Server. For
other operating systems, contact the operating system vendor to provide the required CURL library with CRL support.
Running sfcb And openwsman
Run sfcb and openwsman:
• /etc/init.d/sfcb start
• /etc/init.d/openwsmand start
NOTE
: On Red Hat Enterprise Linux 6, replace sfcb with sblim-sfcb.
On Red Hat Enterprise Linux 6, for the sblim-sfcb and openwsman to start automatically after a reboot you need to change the run-levels
using the chkconfig utility. For example, if you want to run sblim-sfcb in run-levels 3 and 5, use the following command:
14
Preinstallation Setup