Deploy certificates manually

OMi gateway servers and other HPE BTO Software applications use certificates to identify themselves and communicate securely with each other. The data processing server acts as a certificate authority. It can issue the required certificates to other computers in your environment.

You can generate certificates on the data processing server, and then transfer them to other computers on a USB flash drive, CD, or other portable media. This option is more secure because it avoids sending certificates over unencrypted network connections.

  1. Log in to the data processing server with an account that has administrative rights. Open a command or shell prompt.

  2. If the data processing server runs on a Linux operating system, make sure that the PATH variable contains the correct path to the certificate client commands.

    Type export PATH=/opt/OV/bin:$PATH and then press Enter.

  3. Use ovcm to generate certificates. The syntax for this command is:

    ovcm -issue -name <FQDN> -file <file_name> [-coreid <OvCoreId>] [-pass <password>]

    Specify the options as follows:

    Option              Description
    -issue              Specifies that you want to issue certificates.
    -name <FQDN>        The fully qualified domain name of the computer on which you want to install the certificates.
    -file <file_name>   The name of the file into which the command generates the certificates.
    -coreid <OvCoreID>  Optional. The OvCoreID, which uniquely identifies the computer. This ID is used to generate the certificates. If you omit this option, the command generates an ID for the computer.

    You need to specify the OvCoreID if the HPE BTO Software application is already running on the computer and has sent a certificate request. To find an existing OvCoreID do one of the following:

    • Open the Certificate Requests tab in the Certificate Requests manager:

      Administration > Setup and Maintenance > Certificate Requests

      Alternatively, click Certificate Requests.

      Find the certificate request in the list. The value in the Common Name column is the OvCoreID.

    • Use ovcoreid on the computer that you want to install the certificates on. On computers that run a Windows operating system, type the command in a command prompt.

      On computers that run a UNIX or Linux operating system, you can find the command in one of the following directories:

      • HP-UX, Solaris, or Linux: export PATH=/opt/OV/bin:$PATH

      • AIX: export PATH=/usr/lpp/OV/bin:$PATH

      • Tru64: export PATH=/usr/opt/OV/bin:$PATH

    -pass <password>    Optional. A password that the command uses to encrypt the certificate data. You need this password when you later import the certificates on the node. If you omit this option, the command prompts you for a password.

  4. Log in to the computer on which you want to install the certificates with the same account used to install the HPE BTO Software application. Open a command or shell prompt.

  5. Securely transfer the certificate file to the computer.

  6. On computers that run a UNIX or Linux operating system, make sure that the PATH variable contains the path to the agent commands.

    • On HP-UX, Solaris, or Linux, type export PATH=/opt/OV/bin:$PATH and then press Enter.

    • On AIX, type export PATH=/usr/lpp/OV/bin:$PATH and then press Enter.

    • On Tru64, type export PATH=/usr/opt/OV/bin:$PATH and then press Enter.

  7. If the HPE BTO Software application is running on the node, type ovc -stop and then press Enter. This stops the processes.

  8. Use ovcert to import the certificates from the generated file. The syntax for this command is:

    ovcert -importcert -file <file_name>

    The command prompts you for the password that you specified when you generated the certificates. Type the password and press Enter.

    Note: If the computer already has an OvCoreID that does not match the OvCoreID in the certificate, you see a warning that the common name field in the certificate does not match the OvCoreID of the system. If the software is newly installed (and is not connected to any other HPE BTO Software applications), you can change the node's OvCoreID as follows:

    1. Copy the certificate's common name field from the warning.

    2. Type ovcoreid -set <common name field> -force and then press Enter.

      The OvCoreID must be unique to each computer. Do not use this command to set the same OvCoreID on more than one computer.

    For example, for the following warning:

    WARNING: The common name field (CN) in the certificate
             '89aea662-b9e6-7527-148d-8a612e083f23' does not match the OvCoreId
             '8b2ae5c2-b99c-7527-0263-cf9a16f2aace' of the system.

    the command would be:

    ovcoreid -set 89aea662-b9e6-7527-148d-8a612e083f23 -force

  9. Type ovc -start and then press Enter. This restarts the HPE BTO Software processes.

  10. Securely delete any copies of the file that contains the certificates. Depending on how you generate and transfer the file, you may, for example, have copies in the following locations:

    • the management server

    • a USB flash drive, CD, or other portable media

    • the computer on which you installed the certificates
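
The target-node steps above (check the transferred file, stop, import, restart, delete) and the common-name warning handling, as an added shell example that is not part of the HPE documentation. The function names are hypothetical, `sha256sum` and `shred` are assumed to be available from GNU coreutils, and `ovcert` is assumed to exit non-zero when the import fails.

```shell
#!/bin/sh
# Added example, not HPE code. Function names and paths are hypothetical;
# only ovc/ovcert invocations that appear on this page are used.

UUID_RE='[0-9a-fA-F]{8}(-[0-9a-fA-F]{4}){3}-[0-9a-fA-F]{12}'

# SHA-256 of a file: record it on the issuing server, re-check on the target.
cert_digest() {
    sha256sum "$1" | awk '{print $1}'
}

# Succeed only if the transferred file still matches the recorded digest.
verify_transfer() {   # usage: verify_transfer <file> <expected_digest>
    [ -s "$1" ] && [ "$(cert_digest "$1")" = "$2" ]
}

# Read the ovcert CN-mismatch warning on stdin and print the certificate's
# CN (the first ID quoted in the warning). Fails unless the text contains
# exactly two IDs and they differ, so a malformed paste is never passed on
# to "ovcoreid -set".
cn_from_warning() {
    ids=$(grep -oE "$UUID_RE" || true)
    [ "$(printf '%s\n' "$ids" | grep -c .)" -eq 2 ] || return 1
    cn=$(printf '%s\n' "$ids" | sed -n 1p)
    sys=$(printf '%s\n' "$ids" | sed -n 2p)
    [ "$cn" != "$sys" ] || return 1
    printf '%s\n' "$cn"
}

# Steps 7-10 on the target node: refuse to import a file that changed in
# transit, and remove the local copy only after a successful import.
import_cert() {       # usage: import_cert <file> <expected_digest>
    verify_transfer "$1" "$2" || { echo "digest mismatch: $1" >&2; return 1; }
    ovc -stop
    # Assumption: ovcert exits non-zero on failure. It prompts for the password.
    ovcert -importcert -file "$1" || { ovc -start; return 1; }
    ovc -start
    # shred overwrites in place; on flash media and copy-on-write file
    # systems old blocks can survive, so also wipe or destroy the media.
    shred -u "$1"
}
```

Record the digest with `cert_digest` on the data processing server immediately after `ovcm` writes the file, and carry it separately from the portable media.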