Manualshelf

HP Integrity Virtual Machines Manager Version 4.0 Getting Started Guide

ManualsBrandsHP ManualsSoftwareHP Matrix Operating Environment w/Insight Control 24x7 Supp E-LTU
21222324252627282930
IMPORTANT: After you enter the data, save it by clicking OK. Otherwise, the data is cleared
when the session ends.
Trusted Certificates
If you require the additional security provided by certificate validation you can turn on SSL
certificate validation by selecting the Require trusted certificates check box on the VM Manager
Set WBEM Credentials for Virtual Machines page. With this setting turned on, the client
Certificate Trust Store must include the server certificates from the virtual machines; otherwise,
VM Manager cannot obtain certain information from the virtual machines. If your environment
does not require the additional security provided by certificate validation, you can leave certificate
validation turned off.
To enable SSL certificate validation in VM Manager, you must export the server certificates from
the WBEM services providers on the virtual machines, and import those certificates into the
keystore on the VM Host where VM Manager is running. This keystore is shared between Partition
Manager and VM Manager. Certificates in this keystore are trusted by both Partition Manager
and VM Manager.
To get the certificate file from the WBEM services provider, follow these steps:
1. Locate the WBEM services provider certificate file (cert.pem) on the virtual machine to
which you want to connect. To find the correct file, open the WBEM services Provider
configuration file, which can be found in the following locations:
For Windows:
%PEGASUS_HOME%\cimserver_current.conf
For HP-UX:
$PEGASUS_HOME/cimserver_current.conf
(The default value for PEGASUS_HOME on HP-UX is /var/opt/wbem.)
The location of the server certificate file is configured by the sslCertificateFilePath
setting. If this value is not set in the configuration file, the default values are as follows:
For Windows:
%PEGASUS_HOME%\server.pem
For HP-UX:
/etc/opt/hp/sslshare/cert.pem
2. Copy the certificate file (cert.pem or server.pem) to the VM Host where VM Manager
is running.
NOTE: Copy the certificate file to a temporary directory (not to the sslshare directory)
on the VM Host. Do not overwrite the existing cert.pem or server.pem file in the
sslshare directory on the VM Host.
3. To import the certificate file, enter the following command on the VM Host:
$ JAVA_HOME/bin/keytool -import -alias server_hostname \
-file cert.pem \ -keystore /etc/opt/hp/sslshare/parmgr.keystore
Discovering Data When Setting New WBEM Credentials
When you set new WBEM credentials from the VM Manager Modify menu and click OK, the
page to which you return is updated using the new credentials. However, especially when VM
Manager must retrieve data from a large number of virtual machines, some of the data might
not yet be updated when the page displays in full (instead, the old data is still displayed). With
the exception of data displayed by utilization meters, the new data (such as the virtual machine
Setting Security Credentials 23