Administer > Content Store

Content Store

Use the Content Store area in the Cloud Service Management Console to consume and deploy the content from the CSA platform directly, instead of downloading the Content SDK available from CSA.

The content store has access to the latest CSA content offerings published on ITOM Marketplace and the extended community, the same way you access them externally. Refer to Using Content Store with ITOM Marketplace for information on how to use Content Store with ITOM Marketplace.

Roles

The Content Store area is available for the Content Manager and Administrator.

Capsule Display

The capsules are displayed by the latest updated content offering. Capsules that were updated in the last 30 days have a New tag.

The capsules shown in the Content Store depend on which of the following Content Types are selected:

Content Type Description
HPE Created by HPE and supported via HPE Software Support, with a ticket filed against the associated product.
Partner Created and supported by Partners.
Community Created by Community Contributor and supported by HPE Software customers.

Note The HPE Content Type is selected by default. The capsules are filtered to be compatible to your version of CSA.

Each Capsule tile shows the following detail:

  • Name of the Capsule
  • Description about the capsule
  • Provider Name (HPE)
  • Signature and Certification details of the installed Capsule
  • Rating by the user
  • Number of Downloads

Prerequisites

  1. The Content Store area is only available with the validation of the HPE Passport credentials and proxy connection details (if any). See Configure Content Store settings
  2. Certificate validation for a Capsule (Optional): If you wish to decide the level of certification validation for your chosen Capsule, you may want to edit the configuration property contentInstallation.contentSignatureVerificationLevel in the csa.properties file located at JBOSS_HOME\standalone\deployments\csa.war\WEB-INF\classes\csa.properties to enable or disable. Following are the 3 types of certification validation:
    1. ALLOW_NOT_SIGNED - This will allow any capsule including unsecured content without certification to continue the installation process. It is the lowest security level. For example: contentInstallation.contentSignatureVerificationLevel=ALLOW_NOT_SIGNED
    2. ALLOW_SIGNED - This will allow the Capsule having digital certificate to install irrespective of it stored in Truststore of content-store (Where Capsule certificates of trustworthy sources are added and marked as trusted).
      For example: contentInstallation.contentSignatureVerificationLevel=ALLOW_SIGNED
    3. ALLOW_TRUSTED - This will allow the Capsule to continue installation only if it has a digital certificate and present in Truststore of content-store. This is the highest level of security as it allows only trusted content to install.
      For example: contentInstallation.contentSignatureVerificationLevel=ALLOW_TRUSTED

Note: A separate Truststore is created at the location CSA_JRE_HOME/lib/security/capsuletrust to validate the Capsule signatures. By default, the HPE-released capsule signature certificates are imported at this location. However, if you want to validate your capsules that you have signed using different certificate/s as "TRUSTED", you can use the Java™ keytool command and import the certificates to the Truststore location.

Tasks

You can perform the following tasks in this area:

  • Search for capsules: Enter the Keyword (name of the capsule/version) in the Keywords text box in the left panel. Matching capsules are displayed. If no capsules match the keyword, a No results found message is displayed.
  • Install an existing capsule: Click Install in the capsule you want to download, select the version from Available versions and click Install. After the download and install process completes the installed version appears on the tile. You can then mouse-over on the Certificate icon of the installed Capsule tile to view the Signature and Certification details as shown in the below table:

    Capsule Status Certificate Icon Color Security Information Example
    Signed Green - Indicates that the certificate signature is successful. Certificate status : Trusted
    Signedby : AddTrust External CA Root
    Not Signed Gray- Indicates that the certificate signature failed. No digital signature

    Important During upgrade of CSA from 4.70 to 4.80 version, the signature information of the capsules installed in 4.70 will be represented in grayed certificate icon to indicate <No digital signature> status.

    Note The Available versions drop-down displays the capsule versions published in ITOM Marketplace. Once you have installed a particular version of the capsule, you will be able to re-install the same version, update to a latest version, but cannot downgrade to a lower version.

  • Update an existing Capsule: The existing Capsules can be updated to latest versions.

    To update to new version: Click Update, select the latest version from Available versions and click Update.

    Note The Update button is visible for capsules that have later versions available.

  • Reinstall an existing Capsule: Click Update, select the same version from Available versions and click Update.

    For example: If the existing capsule version is 4.7. You must select the same 4.7 version from the list of Available versions.

    The Confirmation Required dialog window will pop-up with Preserve Originals option as shown in the below image

    • If you check the Preserve Originals option and click OK. The backup copy of the existing service design will be saved with "Superseded" and date appended to the service designs display name.
    • If you choose to continue without checking Preserve Originals option and click OK. By default, the update operation will update an existing service design and all the related resource offerings associated with it. If the service design does not exist, then the service design will be added to the system.
    • If you choose to dis-continue the update process, click Cancel.
  • Install a Capsule From File: You can install the downloaded capsule from your local machine.

    • Click Browse and navigate to select the downloaded capsule file.
    • Select the appropriate file and click Open to upload it. The uploaded Capsule will appear as a tile for installation.
    • Click Install in the capsule that you just uploaded, select the version from Available versions and click Install

    Note: The selected capsule must be compatible with the 4.80 installer.

  • Update an existing Capsule from a local machine: If you have downloaded same version or latest versions of a particular Capsule in your local machine, you can update or re-install capsules using the below procedures:

    • To update to latest version: Click Update, select the latest version from Available versions and click Yes.
    • To Re-install the same version: Click Update, select the same version from Available versions and click Yes.

    Note The pop-up window with an option Preserve Originals will not display for updating and Re-installing Capsules from local machine. It is applicable only for Capsules available on ITOM Marketplace.

Capsule-specific Documentation

You can download the capsule-specific documentation right from the capsule install tile itself. All the capsule-related user manuals hosted through ITOM Marketplace will be listed under the Documents section in the capsule install tile. If no document is hosted for a capsule through ITOM Marketplace, the Documents section will not be visible.

Downloading capsule-specific documentation

To download any of the available capsule-specific documentation:

  1. From the Content Store page, click the Install or Update button (as the case may be) of the capsule . The install tile appears.
  2. In the install tile, from the Available Versions drop-down list, based on the documentation you need to download, select the respective capsule version. The Documents section now lists links of all the available user manuals, related to the selected capsule and capsule version.
  3. Click the desired link.
    The document will be downloaded to your default 'Downloads' folder.

Locating Content Store Log Files

The Content Store writes operational information to a dedicated log file with the .log extension.
To view the log files and to help you troubleshoot a specific scenario, navigate to JBOSS_HOME\standalone\log\contentstore.log.

Using Content Store with ITOM Marketplace

Due to the unavailability of HPE Live Network, the Content Store too became nonfunctional. Now, the new ITOM Marketplace is in place which replaces the HPE Live Network.

Changes to be done in environments with earlier releases of CSA/Codar

To continue using Content Store with earlier releases of CSA/Codar, you need to make only one change in your CSA/Codar environment, which is trusting the new ITOM Marketplace’s certificate.

Trusting the ITOM Marketplace involves the following two tasks:

  • Exporting the ITOM Marketplace certificate
  • Importing the ITOM Marketplace to CSA/Codar environment

Exporting ITOM Marketplace certificate

Refer to the documentation of your browser to know how to export a certificate. You need to export the entire certificate chain available in the Certificate dialog.

Importing ITOM Marketplace certificate

For a non-containerzied environment, complete the following steps to import the certificates

  1. Copy the exported certificate archive to the CSA host server (any accessible location on the host).
  2. Open a command prompt and change directories to CSA_HOME.
  3. Run the following command:

    Windows:

    <CSA_JRE_HOME>\bin\keytool.exe -importcert -trustcacerts -alias <alias_name> -file <full_path_to_certificate_file> -keystore <CSA_JRE_HOME>\lib\security\cacerts -storepass <store_password>

    Non-Windows:

    <CSA_JRE_HOME>/bin/keytool -importcert -trustcacerts -alias <alias_name> -file <full_path_to_certificate_file> -keystore <CSA_JRE_HOME>/lib/security/cacerts -storepass <store_password>

    where CSA_JRE_HOME is the directory in which the JRE that is used by CSA is installed.

For a containerized environment, complete the following steps to import the certificatse

  1. Copy the exported certificates to /etc/hcm/cacertsdirectory.
  2. Restart the CSA pod.

This completes the task of trusting ITOM Marketplace certificate.