I am using 4.6.6.1 version of hyperic.

On which I have been trying to establish SSL communication between server and agent via CA signed certificates.

The steps that I followed are:

1) Generated a jks for hyperic-server (CA signed)

2) Generated a jks for hyperic-agent (CA signed -- CA is the same which I used for hyperic server jks generation)

3) I followed the below steps mentioned in vFabric Documentation

vFabric Documentation Center

Reconfigure Hyperic for Trusted SSL Certificates

1.   Install and configure a trusted PKC12 format keystore for Hyperic Server:    For each Hyperic 4.6 Agent reporting to the Hyperic Server: 
   1.   

      Obtain an SSL certificate from your CA and install it on the Hyperic Server host. 

      •   

        If your certificate is not PKCS12 format, you can use the openssl tool to convert it. For more info...http://community.jboss.org/wiki/sslsetup. 

      •   After ensuring your certificate is in the correct format, use java-keytool to install it. For more information, see http://java.sun.com/j2se/1.4.2/docs/tooldocs/windows/keytool.html. 
   2.   Open ServerHome/conf/hq-server.conf in a text editor. 
   3.   Set the value of accept.unverified.certificates to "false". 
   4.   Define the location of your trusted keystore with the server.keystore.path property. 
   5.   Define the password for your trusted keystore with the server.keystore.password property. 
   6.   Save your changes. 
   7.   Restart the Hyperic Server. 

2. 1. Obtain an SSL certificate from your CA and install it on the Hyperic Agent host. 

   2.   Open AgentBundle/AgentHome/agent.properties in a text editor. 
   3.   Set the value of agent.setup.acceptUnverifiedCertificate to "false". 
   4.   Define the location of your trusted keystore with the agent.keystore.path property. 
   5.   Define the password for your trusted keystore with the agent.keystore.password property. 
   6.   Save your changes. 
   7.   Restart the Hyperic Agent. 

4) In the EAM_KEYSTORE table of hyperic database I see the CA signed keystore entry for hyperic-server but I do not see the CA signed keystore entry for hyperic-agent.

    Because of which agent and server communication is not happening.

Observation is that self signed (hyperic default keystore) keystore entry of hyperic agent is seen in database table EAM_KEYSTORE even after performing CA signed keystore process.

Could you please provide me the cause for this behavior.

I am not able to establish SSL communication between server and agent because of this issue