Captain
Captain
498 views

(OMi) Support Tip: Certificate grant in an environment with firewalls/RCP

     In a distributed OMi  environment,  the managed node  in  generates the cert request and sends it to the configured GW message receiver.  The GW passes it to the primary DPS where the cert server is running.   Once the cert is granted (either manual or automatic),  it is the DPS which then sends the granted certificate directly to the requesting managed node.  This raises issues in an environment with firewalls/RCP, Therefore the certificate  must  be deployed to managed node in DMZ  manually.

 On the DPS:

ovcm -issue -name <FQDN> -file <file_name> -coreid <ovcoreid> -pass <password>

    This will create the certificate in <file_name>.    <file_name> then must be transferred to the DMZ managed node.

    Once certificate  file is on the DMZ managed node,  the certificate must be imported with:

     ovcert -importcert -file <file_name>  -pass <password>

 

Micro Focus Software Support

The views expressed in my contributions are my own and do not necessarily reflect the views and strategy of Micro Focus.

If you find this or any post resolves your issue, please be sure to mark it as an accepted solution.
Labels (1)
Tags (1)
1 Reply
Fleet Admiral
Fleet Admiral

Dear

In our environment we see certificate request comes to OMI server, but when we grant the certificate it is failing to grant the certificate.

We had verified all FW ports and all are open.

Is there any log file in OMI server side which we can look at to find what issue is.

0 Likes
The opinions expressed above are the personal opinions of the authors, not of Micro Focus. By using this site, you accept the Terms of Use and Rules of Participation. Certain versions of content ("Material") accessible here may contain branding from Hewlett-Packard Company (now HP Inc.) and Hewlett Packard Enterprise Company. As of September 1, 2017, the Material is now offered by Micro Focus, a separately owned and operated company. Any reference to the HP and Hewlett Packard Enterprise/HPE marks is historical in nature, and the HP and Hewlett Packard Enterprise/HPE marks are the property of their respective owners.