Searching the Help
To search for information in the Help, type a word or phrase in the Search box. When you enter a group of words, OR is inferred. You can use Boolean operators to refine your search.
Results returned are case insensitive. However, results ranking takes case into account and assigns higher scores to case matches. Therefore, a search for "cats" followed by a search for "Cats" would return the same number of Help topics, but the order in which the topics are listed would be different.
Words and Phrases
| Search for | Example | Results |
|---|---|---|
| A single word | cat
|
Topics that contain the word "cat". You will also find its grammatical variations, such as "cats". |
|
A phrase. You can specify that the search results contain a specific phrase. |
"cat food" (quotation marks) |
Topics that contain the literal phrase "cat food" and all its grammatical variations. Without the quotation marks, the query is equivalent to specifying an OR operator, which finds topics with one of the individual words instead of the phrase. |
Using Boolean Operators
| Search for | Operator | Example |
|---|---|---|
|
Two or more words in the same topic |
|
|
| Either word in a topic |
|
|
| Topics that do not contain a specific word or phrase |
|
|
| Topics that contain one string and do not contain another | ^ (caret) |
cat ^ mouse
|
| A combination of search types | ( ) parentheses |
|
- Using Certificates with the PKCS #12 Repository
- Generating a Self-Signed Certificate
- Generating a CA-Signed Certificate
- Delete a Certificate from the NNMi Keystore
- Replacing an Existing Certificate with a new Self-Signed or CA-Signed Certificate
- Working with Certificates in Application Failover Environments
- Working with Certificates in High-Availability Environments
- Working with Certificates in Global Network Management Environments
- Configuring an SSL Connection to the Directory Service
Generating a Self-Signed Certificate
Note NNMi 10.20 introduces a Public Key Cryptography Standards (PKCS) #12 repository to store certificates. The new PKCS #12 file-based certificate management technique is available for use as soon as you install a new instance of NNMi 10.20 on a system. Environments upgraded from an older version of NNMi continue to use a JKS repository to store certificates.
In upgraded environments, you can migrate to the PKCS #12 repository by using the steps in Configure an Upgraded NNMi Environment to Use the New Keystore.
If you have upgraded to NNMi10.30 and did not complete the steps in Configure an Upgraded NNMi Environment to Use the New Keystore, skip to Generating a Self-Signed Certificate.
To generate a self-signed certificate, follow these steps:
-
Change to the directory on the NNMi management server that contains the
nnm-key.p12andnnm-trust.p12files:- Windows:
%NnmDataDir%\shared\nnm\certificates - Linux:
$NnmDataDir/shared/nnm/certificates
- Windows:
-
Save a backup copy of the
nnm-key.p12file. -
Delete the existing
nnm-key.p12file. - Generate a private key from your system. Use the
nnmkeytool.ovplcommand to generate this private key:Run the following command exactly as shown:
- Windows: %NnmInstallDir%\bin\nnmkeytool.ovpl -genkeypair -validity 3650 -keyalg rsa -keystore nnm-key.p12 -storetype PKCS12 -storepass nnmkeypass -alias <alias_name>
Linux: $NnmInstallDir/bin/nnmkeytool.ovpl -genkeypair -validity 3650 -keyalg rsa -keystore nnm-key.p12 -storetype PKCS12 -storepass nnmkeypass -alias <alias_name>
Note The alias, referred to as <alias_name> in this example, identifies this newly-created key. Although the alias can be any string, recommends you use the fully-qualified domain name (FQDN) followed by a suffix to help you easily identify the right version. For example, you can use alias name as
myserver.mydomain-<number> ormyserver.mydomain-<date>.Enter the requested information.
Caution When prompted for your first and last name, enter the FQDN of your system.
A self-signed certificate is generated.
For obtaining CA-signed certificates, you need to additionally generate and submit a CSR file to a CA. For more information, see Generating a CA-Signed Certificate.
recommends that you use CA-signed certificates.
We welcome your comments!
To open the configured email client on this computer, open an email window.
Otherwise, copy the information below to a web mail client, and send this email to network-management-doc-feedback@hpe.com.
Help Topic ID:
Product:
Topic Title:
Feedback: