Users Guide
Installing Managed System Software on Supported Linux Operating Systems 101
Reusing an Existing Certificate
If you have a self-signed or CA-signed certificate, you can use the same
certificate for the openwsman server by updating the ssl_cert_file and
ssl_key_file values, grouped under [server] tag, in
/etc/openwsman/openwsman.conf with your existing certificate values.
Configuring CRL for the openwsman Client
You need to configure the Certificate Revocation List (CRL) used by Server
Administrator Web Server. To do this:
1
Mention a valid CRL file in
/etc/openwsman/openwsman_client.conf
.
2
If left blank, the CRL check is ignored.
NOTE: CRL support is only present on SUSE Linux Enterprise Server version 11. For
other operating systems, contact your operating system vendor to provide the
required CURL library with CRL support.
Running sfcb and openwsman
Run sfcb and openwsman:
•
/etc/init.d/sfcb start
•
/etc/init.d/openwsman start
The managed system is configured and is ready to be used by the Server
Administrator Web Server.
Winbind Configuration for openwsman and sfcb for Red Hat Enterprise
Linux Operating Systems
1
Take a backup of the following files:
•
/etc/pam.d/openwsman
•
/etc/pam.d/sfcb
•
/etc/pam.d/system-auth
2
Replace the content of
/etc/pam.d/openwsman
and
/etc/pam.d/sfcb
with:
auth required pam_stack.so service=system-auth
auth required /lib/security/pam_nologin.so
account required pam_stack.so service=system-auth