Install Guide
NOTE: To successfully use openwsmand and sfcbd services on systems running the supported Linux server operating system
with SELinux enabled, use the following commands:
• openwsmand
#grep openwsmand /var/log/audit/audit.log | audit2allow -M mypol
#semodule -i mypol.pp
• sfcbd
#grep sfcbd /var/log/audit/audit.log | audit2allow -M mypol
#semodule -i mypol.pp
Related Links:
Installing Managed System Software on Supported Linux and VMware ESX
Creating Server Certicate For WSMAN
You can either create a certicate for WSMAN or reuse an existing certicate.
Creating A New Certicate
You can create a new server certicate for WSMAN by running the owsmangencert.sh script that is located at /etc/openwsman. The
openwsman RPM provides the script. Follow the steps in the wizard to create the server certicate.
Reusing An Existing Certicate
If you have a self-signed or CA-signed certicate, you can use the same certicate for the openwsman server by updating the
ssl_cert_file and ssl_key_file values, which are grouped under [server] tag, in /etc/openwsman/openwsman.conf with the
existing certicate values.
Conguring CRL for the openwsman client
To congure the Certicate Revocation List (CRL) used by Server Administrator Web Server, do the following:
1 Mention a valid CRL le in /etc/openwsman/openwsman_client.conf.
2 If left blank, the CRL check is ignored.
NOTE
: CRL support is only present on the supported SUSE Linux Enterprise Server and Red Hat Enterprise Linux
Server. For other operating systems, contact the operating system vendor to provide the required CURL library with
CRL support.
Running sfcb and openwsman
Run sfcb and openwsman:
• /etc/init.d/sfcb start
• /etc/init.d/openwsmand start
NOTE
: On Red Hat Enterprise Linux 6, replace sfcb with sblim-sfcb.
Preinstallation Setup 13