We will be upgrading from SOI CUM2 to CUM 4 in several weeks. While reviewing the installation instructions; the following has been found and we want clarification on these steps, because this appears to be something new.
In particular Step H is where we have a question.
Since we already have SSL certs already deployed to our UI servers, is this step necessary?
Release : 4.2 CU4
This step was added as part of the remediation of the Coverity Security Vulnerabilities.
User story 788925
Coverity issues verification ( Script code injection, Unsafe deserialization, Cross-site request forgery)
The new step introduced in CU4 install directions is a part of Coverity security vulnerability remediation.
The above command imports the manager certificate into the UI Server to create a trusted environment and unless the user imports the cert in the trust store of the UI Server this will fail. (UI will not be up and running).
These steps are not related to the regular ssl certs used by SOI (if https is enabled).
These steps are additional and are mandatory for distributed environments.