Deployment Guide
76 Foglight
Installation and Setup Guide
$FMS_HOME\jre\bin\keytool -keystore
FMS_HOME\server\default\conf\tomcat.keystore -storepass nitrogen -certreq -
alias tomcat -file <your_request_file.csr>
This file must be signed by Certification Authority (CA).
5
Once you have the certificate signed, import it back to the
tomcat.keystore
using
the following command:
$FMS_HOME\jre\bin\keytool -keystore
FMS_HOME\server\default\conf\tomcat.keystore -storepass nitrogen -import -
trustcacerts -alias tomcat -file <your_converted_cerificate>
You are prompted to enter the keystore password.
6
Type nitrogen.
Setting Up an Encrypted Database Connection with SSL
The following procedure outlines how to set up a secure embedded MySQL database
connection.
Note This procedure must be performed after installation but before you have started the
vFoglight Management Server.
To set up an encrypted database connection with SSL:
1
Import a CA certificate into the vFoglight Management Server keystore (cacerts)
as outlined in “Importing a Network Security Certificate” on page 75.
2
Update the MySQL configuration file (my.ini) with the new security certificate
and key information by adding the following properties:
• ssl-ca=<cacert.pem>
• ssl-cert=<server-cert.pem>
• ssl-key=<server-key.pem>
3
Uncomment and set the
foglight.database.secureconn
attribute in the
foglight.config file to true, as shown below.
#
# For Oracle, this option can be enabled once the database server is properly
configured.
# However, for MySQL, DO NOT enable this option until the database server's CA
certificate is properly imported into $fms_dir\jre\lib\security\cacerts.
foglight.database.secureconn = "true";