Administer > Setup and Configuration > How to Configure Operations Connector to Communicate with a Distributed OMi

How to Configure Operations Connector to Communicate with a Distributed OMi

In a distributed OMi environment with a reverse proxy or a load balancer, the OMi data processing server and the Operations Connector server may not be able to communicate with each other in order to request and install a certificate. To provide the agent with a certificate, you must issue the certificate manually on the OMi certificate server and then import it manually on the Operations Connector system. In addition, you must manually set the MANAGER_ID configuration variable. The MANAGER_ID defines who is allowed to access the agent from outside.

  1. On the Operations Connector system, use ovcoreid to show the core ID of the system:

    ovcoreid

  2. On the OMi certificate server (usually the data processing server), use ovcert to export the trusted certificate, type:

    ovcert -exporttrusted -file omi.cer

  3. On the OMi certificate server (usually the data processing server), use ovcm to generate a certificate, type:

    ovcm -issue -file cert.cer -name <FQDN of Operations Connector> -coreid <OvCoreId of Operations Connector> -pass <password>

  4. Securely transfer the generated files to the Operations Connector system.

  5. Use ovcert to import the certificates from the generated files, type:

    ovcert -importtrusted -file omi.cer

    ovcert -importcert -file cert.cer

    The command prompts you for the password that you specified when you generated the certificates. Type the password and press Enter.

  6. On any of the gateway server systems, use ovcoreid to show the core ID of the system:

    ovcoreid -ovrg server

  7. On the Operations Connector system, set the manager and certificate server manually, type:

    ovconfchg -ns sec.cm.client -set CERTIFICATE_SERVER <FQDN of reverse proxy or load balancer>

    ovconfchg -ns sec.core.auth -set MANAGER <FQDN of reverse proxy or load balancer>

    ovconfchg -ns sec.core.auth -set MANAGER_ID <OvCoreId of any gateway server>

  8. Run oainstall to complete the Operations Agent setup, type:

    Windows 32-bit: cscript "%OvInstallDir%\bin\OpC\install\oainstall.vbs" -a -c

    Windows 64-bit: cscript "%OvInstallDir%\bin\win64\OpC\install\oainstall.vbs" -a -c

    Linux: /opt/OV/bin/OpC/install/oainstall.sh -a -c

  9. Review the agent installation log file:

    Windows: %OvDataDir%log\oainstall.log

    Linux: /var/opt/OV/log/oainstall.log

    If the log file contains errors relating to the OvControl service failing to start or restart, complete the following steps:

    1. Manually reinstall ovcd as a Windows service, type:

      ovcd -install

    2. Rerun oainstall.

  10. Securely delete any copies of the files that contain the certificates. Depending on how you generate and transfer the files, you may, for example, have copies in the following locations:

    • on the OMi data processing server

    • on the Operations Connector system

    • on a USB flash drive, CD, or other portable media

  11. Add the Operations Connector system to the Connected server list in OMi. For details, see How to Configure Operations Connector to Communicate with OMi topic.

Related topics

How to Configure Operations Connector to Communicate with OMi