Deployment Guide

Installing vFoglight 75

vFoglight Settings

You must reboot the server after setting the parameter.

Note You must have a signed, valid certificate if you want to use the https-only configuration.

Vizioncore recommends that you obtain a valid certificate from a third party as outlined in

the following procedure.

Importing a Network Security Certificate

Once you have set the vFoglight Management Server to use only https, you must

generate a key pair (security certificate) into the vFoglight keystore. This allows the

server to communicate through the https protocol. You need to delete the existing

certificate shipped with vFoglight before generating a new key pair. Use the keytool

utility shipped with vFoglight to create, import, and export certificates. This utility can

be found in:

• $FMS_HOME\jre\bin\keytool

There are two keystores used by vFoglight:

• The built-in Tomcat keystore located at:

$FMS_HOME\server\default\conf\tomcat.keystore

(default password:

nitrogen

)

• The vFoglight Management Server keystore located at:

$FMS_HOME\jre\lib\security\cacerts

(default password:

changeit

)

To import a certificate:

Change directories to the following path:

$FMS_HOME\server\default\conf\

Delete the existing tomcat key from the tomcat.keystore directory using the

following command:

$FMS_HOME\jre\bin\keytool -keystore

FMS_HOME\server\default\conf\tomcat.keystore -storepass nitrogen -delete -

alias tomcat

Create a new key under the tomcat alias using the following command:

$FMS_HOME\jre\bin\keytool -keystore

FMS_HOME\server\default\conf\tomcat.keystore -storepass nitrogen -genkey -

alias tomcat

Generate a Certificate Signing Request (CSR) using the following command: