Searching the Help
To search for information in the Help, type a word or phrase in the Search box. When you enter a group of words, OR is inferred. You can use Boolean operators to refine your search.
Results returned are case insensitive. However, results ranking takes case into account and assigns higher scores to case matches. Therefore, a search for "cats" followed by a search for "Cats" would return the same number of Help topics, but the order in which the topics are listed would be different.
Words and Phrases
| Search for | Example | Results |
|---|---|---|
| A single word | cat
|
Topics that contain the word "cat". You will also find its grammatical variations, such as "cats". |
|
A phrase. You can specify that the search results contain a specific phrase. |
"cat food" (quotation marks) |
Topics that contain the literal phrase "cat food" and all its grammatical variations. Without the quotation marks, the query is equivalent to specifying an OR operator, which finds topics with one of the individual words instead of the phrase. |
Using Boolean Operators
| Search for | Operator | Example |
|---|---|---|
|
Two or more words in the same topic |
|
|
| Either word in a topic |
|
|
| Topics that do not contain a specific word or phrase |
|
|
| Topics that contain one string and do not contain another | ^ (caret) |
cat ^ mouse
|
| A combination of search types | ( ) parentheses |
|
- Configuring FIPS mode in Service Manager
- Download JCE unlimited strength policy files
- Configure Java for FIPS mode
- Generate FIPS validated certificates for the SM Server and other components
- Configure FIPS mode in the Server
- Configure FIPS mode in the Windows Client
- Configure FIPS mode in the Web Tier
- Configure FIPS mode in the Mobility Client
- Configure FIPS mode in Service Request Catalog (SRC)
- Configure FIPS mode in the Solr Search Engine
- Configure FIPS mode in the Chat Server
- Configure FIPS mode in the Chat Service
- Configure FIPS mode in the IdM Service
Configure FIPS mode in Service Request Catalog (SRC)
In SRC, you need to perform the following tasks to enable the implementation of FIPS validated TLS connections between the Service Manager Server and SRC, and between SRC and the Solr Search Engine.
Note When SRC has FIPS mode enabled, it can connect to the Solr Search Engine no matter whether the Solr Search Engine has SSL (FIPS mode) enabled or not.
Prerequisites
Before you proceed, make sure of the following:
-
You have already configured SRC's JRE for FIPS mode. For details, see the Service Request Catalog (SRC) section in Configure Java for FIPS mode.
-
You have already generated a CA certificates file and a client keystore for the SRC host and Solr Search Engine host. For details, see Generate FIPS validated certificates for the SM Server and other components.
- The CA certificates file: \certs\smcacerts.p12
- The SRC keystore file: \key\sun-sun-<SRC host FQDN>.p12 (for example, sun-sun-srchost.mycompany.net.p12)
- The Solr Search Engine keystore file: \key\sun-sun-<Solr Search Engine host FQDN>.p12 (for example,sun-sun-solrhost.mycompany.net.p12)
Note The following tasks assume that your SRC keystore and Solr Search Engine keystore are issued by the same root CA.
- You have enabled FIPS mode on the SM Server side. For details, see Configure FIPS mode in the Server.
Task 1: Configure FIPS mode for TLS connections between the SM Server and SRC
Follow these steps:
-
Copy the certificate files to a directory on the SRC host.
For example, C:\client.
-
Configure the parameters in SRC's applicationContext.property file, which is located in the <SRC .war file>\WEB-INF\classes directory, as shown in the following:
sm.hostname=smserver.mycompany.net sm.port=13443 sm.protocol=https src.trustStore=C:\\client\\smcacerts.p12 src.trustStorePassword=changeit src.trustStoreType=pkcs12 src.keyStore=C:\\client\\sun-sun-srchost.mycompany.net.p12 src.keyStorePassword=clientkeystore src.keyStoreType=pkcs12
- For
sm.hostname, FIPS mode requires the use of the fully qualified domain name (FQDN) of the Service Manager Server host. - The default value for the
sm.protocolparameter ishttp. You need to change it tohttpsfor FIPS mode. - The
src.trustStoreTypeandsrc.keyStoreTypeparameters are not included in the out-of-box version of this file. You must manually insert them with a value of pkcs12, which is the only supported certificate type when Service Manager is running in FIPS mode. - The rest of the parameter values are for example only; change the values according to your own configuration.
- The file paths must use double backslashes.
- For
- Make sure the SM Server is started.
- Restart the SRC Tomcat.
-
Log in to SRC.
If FIPS mode has been enabled successfully in SRC, you should be logged in successfully.
Note If you need to enable LW-SSO in SRC when it is running in FIPS mode, see Configure LW-SSO in SRC for FIPS mode.
Task 2: Configure FIPS mode for TLS connections between SRC and Solr
Since your SRC keystore and Solr Search Engine keystore are issued by the same root CA, no additional configuration steps are required on the SRC side. Once FIPS mode is enabled in SRC, you only need to enable FIPS mode in the Solr Search Engine. For detailed steps, see Configure FIPS mode in the Solr Search Engine.
Caution Whenever you have changed the Solr Search Engine related configuration on the SM Server side, you need to restart the SRC Tomcat.
Note If your SRC keystore and another component (such as the Solr Search Engine)'s keystore are issued by different CAs, you need to import the CA certificates files into each other. The following is an example import command:
keytool -import -keystore smcacerts.p12 -trustcacerts -alias ibmca -file ibmca.crt -storepass changeit -storetype pkcs12Next step:
We welcome your comments!
To open the configured email client on this computer, open an email window.
Otherwise, copy the information below to a web mail client, and send this email to ovdoc-ITSM@hpe.com.
Help Topic ID:
Product:
Topic Title:
Feedback: