Install Guide
NOTE: To successfully use openwsmand and sfcbd services on systems running the supported Linux server operating system
with SELinux enabled, use the following commands:
• openwsmand
#grep openwsmand /var/log/audit/audit.log | audit2allow -M mypol
#semodule -i mypol.pp
• sfcbd
#grep sfcbd /var/log/audit/audit.log | audit2allow -M mypol
#semodule -i mypol.pp
Related Links:
Installing Managed System Software on Supported Linux and VMware ESX
Creating Server Certicate For WSMAN
You can either create a new certicate for WSMAN or reuse an existing certicate.
Creating A New Certicate
You can create a new server certicate for WSMAN by executing the owsmangencert.sh script located at /etc/openwsman. This script is
provided by the openwsman RPM. Follow the steps in the wizard to create the server certicate.
Reusing An Existing Certicate
If you have a self-signed or CA-signed certicate, you can use the same certicate for the openwsman server by updating the
ssl_cert_file and ssl_key_file values, grouped under [server] tag, in /etc/openwsman/openwsman.conf with the existing
certicate values.
Conguring CRL for the openwsman client
You need to congure the Certicate Revocation List (CRL) used by Server Administrator Web Server. To do this:
1 Mention a valid CRL le in /etc/openwsman/openwsman_client.conf.
2 If left blank, the CRL check is ignored.
NOTE
: CRL support is only present on teh supported SUSE Linux Enterprise Server and Red Hat Enterprise Linux
Server. For other operating systems, contact the operating system vendor to provide the required CURL library with
CRL support.
Running sfcb And openwsman
Run sfcb and openwsman:
• /etc/init.d/sfcb start
• /etc/init.d/openwsmand start
NOTE
: On Red Hat Enterprise Linux 6, replace sfcb with sblim-sfcb.
Preinstallation Setup 13