Enabling certificate validation and crl validation, Logging vmm logs into windows nt events – HP Insight Control Software for Linux User Manual
Page 22
6.
For each target server, perform these steps:
1.
Select the certificate.
2.
Click Export... to launch the Certificate Export Wizard.
3.
Click Next to continue. The Export File Format dialog box is displayed.
4.
Enter a filename along with the complete path of the directory. For example, C:\
VMHost-Certs\servername.cer
NOTE:
If you do not enter the complete path, the certificate is stored in your
Documents and Settings folder.
5.
Click Next to continue with the export. A Completing the Certificate Export Wizard
page is displayed, summarizing the information about the certificate.
Import the Host/vCenter certificates into the VMM keystore
To import the Host/vCenter certificates into the VMM keystore:
1.
Locate the CA certificate.
2.
From the command prompt, run the following command:
vmcli importServerCertToVMMKeystore <vmHost/vCenter cert exported
path><vmHost/vCenter IPAddress/hostname>
where, <vmHost/vCenter cert exported path> is the location of the certificate
and <vmHost/vCenter IPAddress/hostname> is the IP address or host name of
the server containing the certificate.
3.
Restart the VMM service.
3.
Insight Control virtual machine management logs all user operations to custom log files located
at <VMM Install Dir>\logs. For Windows CMS, you can log these events to the Windows
events log file. For more information, see
“Logging VMM logs into Windows NT Events” (page
.
NOTE:
Logging VMM events to the Windows events log file increases the disk space needed
for the log file.
Enabling certificate validation and CRL validation
Insight Control virtual machine management supports certificate and CRL validation. The status of
the certificates issued by a CA must be determined to avoid certificate revocation. In the absence
of such validity checks the application might accept credentials that were earlier revoked by a CA
administrator. VMM uses CRL to represent the revocation information. The revoked certificates are
published in the CRL.
To enable certificate validation, add the option EnableHostCertValidation, and set it to
True
in thehpvmm.conf file found at the following location:
<VMM installation dir>/bin/hpvmm.conf
To enable CRL validation, add the option EnableCRLValidation, and set it to True in the
hpvmm.conf
. After enabling the validations, restart the VMM service.
NOTE:
Before enabling the CRL validation, enable the certificate validation.
Logging VMM logs into Windows NT Events
To log VMM logs into Windows NT Events:
22
Managing virtual machines