What is the new procedure for configuring Third-Party Certificate Monitoring reports with Smarts NCM 9.4 Patch 2
Additional steps are required for Certificate Monitoring reports to work on the NCM server running version 9.4 Patch 2 software. These steps are required for accessing the WS API in NCM used by the Certificate Monitoring reports. Otherwise, the logs show certificate and communication errors and the Certificate Monitoring reports are empty.
Before you begin
Install version 9.4 patch 2 software on the NCM server. If you are not using a third-party certificate, follow the procedures in -
HereProcedure
1. Log in to the NCM host and copy
"$VOYENCE_HOME/conf/server.p12" to the EMC M&R destination machine where the WS API client is configured (for example, /opt).
server.p12 will be generated when installing the third-party certificate using the
SSL utility for NCM 9.4.0.2.2. On the destination machine, type the following command as one line and press Enter:
$APG_HOME/Java/Sun-JRE/8.0u31/bin>keytool -changealias -keystore
"/opt/server.p12" -alias 1 -destalias newalias -storetype pkcs12 3. Enter the keystore password.
Use the same password given during certificate installation.
4. On the destination machine, type the following command as one line and press Enter.
$JAVA_HOME/bin>keytool -importkeystore -srckeystore "/opt/server.p12" -destkeystore
"$APG_HOME/Java/Sun-JRE/8.0u31/lib/security/cacerts" -srcstoretype pkcs12 5. Enter the destination keystore password: changeit
6. Enter the source keystore password.
Use the source keystore password given during certificate installation.
These results should display:
Entry for alias 1 successfully imported. Import command
completed: 1 entries successfully imported, 0 entries failed
or cancelled.7. Go to the <EMC_M&R_install>/bin directory and run the following command
to restart all of the services:
./manage-modules service restart all The following exception message should no longer display in the collector logs
(APG/Collecting/Collector-Manager/emc-ncm/logs):
javax.net.ssl.SSLHandshakeException:
sun.security.validator.ValidatorException: PKIX path building failed:
sun.security.provider.certpath.SunCertPathBuilderException:
unable to find valid certification path to requested
target at
sun.security.ssl.Alerts.getSSLException(Alerts.java:192)