Searching the Help
To search for information in the Help, type a word or phrase in the Search box. When you enter a group of words, OR is inferred. You can use Boolean operators to refine your search.
Results returned are case insensitive. However, results ranking takes case into account and assigns higher scores to case matches. Therefore, a search for "cats" followed by a search for "Cats" would return the same number of Help topics, but the order in which the topics are listed would be different.
Search for | Example | Results |
---|---|---|
A single word | cat
|
Topics that contain the word "cat". You will also find its grammatical variations, such as "cats". |
A phrase. You can specify that the search results contain a specific phrase. |
"cat food" (quotation marks) |
Topics that contain the literal phrase "cat food" and all its grammatical variations. Without the quotation marks, the query is equivalent to specifying an OR operator, which finds topics with one of the individual words instead of the phrase. |
Search for | Operator | Example |
---|---|---|
Two or more words in the same topic |
|
|
Either word in a topic |
|
|
Topics that do not contain a specific word or phrase |
|
|
Topics that contain one string and do not contain another | ^ (caret) |
cat ^ mouse
|
A combination of search types | ( ) parentheses |
|
Obtain server certificates from a CA
Generally, server certificates must be issued to the name of the external access point (FQDN) that is configured in Default Virtual Gateway Server for Application Users/Data Collectors URL. This is the name that users and data collectors use to access OMi. The SubjectAlternativeName field of the certificate must contain the FQDN of the system for which the certificate is issued.
If your TLS termination points are not the front-end URLs (OMi virtual gateway server URLs), you must issue server certificates for these termination points (load balancer/reverse proxy) as well.
Note We recommend using the strongest currently available cryptographic algorithms when obtaining server certificates, as well as the largest key size (not less than 2048-bit RSA keys). To see the latest NIST approved cryptographic algorithms and key lengths, go to http://csrc.nist.gov/publications/PubsFIPS.html.
Obtain a server certificate for each of the front-end URLs that you want to secure: one for users to access OMi, and one for data collectors to access OMi.
Note When using aliases (for example, one name for users, one for data) on the same OMi gateway server, you can obtain a Subject Alternative Name (SAN) certificate with a predefined set of DNS names.
The server certificates must be issued into the exact FQDNs. During the configuration, OMi automatically inserts these same FQDNs into the Administration > Setup and Maintenance > Infrastructure Settings page in the following rows:
-
Default Virtual Gateway Server for Application Users URL
-
Default Virtual Gateway Server for Data Collectors URL
You only need to manually update these settings if the URL for the data collectors differs from the URL for application users.
Examples:
If the external access point is loadbalancer.example.com
, and the name of your gateway servers is gateway1.example.com
and gateway2.example.com
, the following server certificates must be obtained:
-
For
loadbalancer.example.com
: issued toloadbalancer.example.com
, SubjectAlternativeName field set toloadbalancer.example.com
. -
For
gateway1.example.com
: issued toloadbalancer.example.com
, SubjectAlternativeName field set togateway1.example.com
. -
For
gateway2.example.com
: issued toloadbalancer.example.com
, SubjectAlternativeName field set togateway2.example.com
.
If your URL is https://omiUsers.mycompany.com:443
, you would issue a certificate to omiUsers.mycompany.com
.
The server certificates for the data processing server are used when connecting to the JMX console.
We welcome your comments!
To open the configured email client on this computer, open an email window.
Otherwise, copy the information below to a web mail client, and send this email to ovdoc-asm@hpe.com.
Help Topic ID:
Product:
Topic Title:
Feedback: