How to communicate with UCMDB using HTTPS

If you want to communicate with UCMDB using the HTTPS protocol, you must complete all of the following steps:

  1. Enable SSL on the UCMDB server machine

    For more information, see the Universal CMDB Hardening Guide.

  2. Enable UCMDB probe to connect to server using SSL

    To enable the probe to connect to the UCMDB server using SSL, you must add a certificate to the probe’s certificate trust store.

    1. Create the certificate file

      From <UCMDB-Installation-Folder>\bin\jre\bin, run the following command:

      keytool -export -file <Certificate-File-Name> -keystore -Alias c:\hp\UCMDB\
      UCMDBServer\conf\security\server.keystore

    2. Add the certificate from the certificate file to the probe’s certificate trust store:

      keytool -import -file <Certificate-File-Name> -keystore -Alias <Probe-Installation-Folder>\conf\security\HPProbeTrustStore.jks

      Note The default probe’s trust store password is logomania.

  3. Enable the On-Premise Bridge agent to connect to the UCMDB server using SSL

    To enable the On-Premise Bridge agent to connect to the UCMDB server using SSL, you must add a certificate to the agent’s certificate trust store.

    1. You can use the certificate created in step 2a above.

    2. Add the certificate from the certificate file to the probe’s certificate trust store:

      keytool -import -file <Certificate-File-Name> -keystore -Alias <OPB-Installation-Folder>\product\util\3rd-party\jre1.7.0_10\lib\security\cacerts

      Note The default java trust store password is changeit.

Related Topics Link IconRelated Information