Manualshelf

HP Serviceguard Toolkit for Integrity Virtual Servers User Guide B.02.00, March 2012

ManualsBrandsHP ManualsSoftwareHP Serviceguard Toolkit for Integrity Virtual Servers
21222324252627282930
communications (that is, server public certificate distributed to the client; client public certificate
distributed to the server). The default locations for the generated key files are:
For VM or vPar Hosts: /etc
For VM or vPar guests:
HP-UX: /opt/hp/cmappserver
Key generation on the VM or vPar Host
The following three commands must be executed on one VM or vPar Host to generate the
client.private, client.public and temp.key security keys by using the keytool
program.
For more information on these commands, see http://java.sun.com/j2se/1.4.2/docs/tooldocs/
solaris/keytool.html.
These commands create default key names and locations to successfully configure application
monitoring.
HP Serviceguard commands control the startup and shutdown of the packaged VM or vPar
guest.
NOTE: Create and set the current directory (that is, HP-UX cd command) to
/etc/cmcluster/cmappmgr before executing these commands.
a. keytool -genkey -alias clientprivate -keystore client.private
-storepass clientpw -keypass clientpw -validity 400
WARNING! On Linux systems, you might face problems while generating keys and
using the “gcj” version of Java, such as “jre-1.4.2-gcj. If this problem occurs, you must
use another version of Java™ and the associated keytool.
NOTE:
This command prompts for a user name, organization, and physical location
information to document the use of the key.
The validity parameter is used to specify the number of days a key is valid.
This does not affect private keys but is still a required parameter.
b. keytool -export -alias clientprivate -keystore client.private
-file temp.key -storepass clientpw
c. keytool -import -noprompt -alias clientpublic -keystore
client.public -file temp.key -storepass public
Key generation on the VM or vPar guest
The following three commands must be executed on each VM or vPar guest to generate the
server.private, server.public and temp.key security keys. Set the current directory
to /opt/hp/cmappserver on HP-UX/Linux guests before running these commands.
a. keytool -genkey -alias serverprivate -keystore server.private
-storepass serverpw -keypass serverpw -validity 400
NOTE: This command prompts for a user name, organization and physical location
information to document the use of the key.
b. keytool -export -alias serverprivate -keystore server.private
-file temp.key -storepass serverpw
c. keytool -import -noprompt -alias serverpublic -keystore
server.public -file temp.key -storepass public
23