I am using 18.104.22.168 version of hyperic.
On which I have been trying to establish SSL communication between server and agent via CA signed certificates.
The steps that I followed are:
1) Generated a jks for hyperic-server (CA signed)
2) Generated a jks for hyperic-agent (CA signed -- CA is the same which I used for hyperic server jks generation)
3) I followed the below steps mentioned in vFabric Documentation
Reconfigure Hyperic for Trusted SSL Certificates
- Install and configure a trusted PKC12 format keystore for Hyperic Server: For each Hyperic 4.6 Agent reporting to the Hyperic Server:
Obtain an SSL certificate from your CA and install it on the Hyperic Server host.
- After ensuring your certificate is in the correct format, use java-keytool to install it. For more information, see http://java.sun.com/j2se/1.4.2/docs/tooldocs/windows/keytool.html.
- Open ServerHome/conf/hq-server.conf in a text editor.
- Set the value of accept.unverified.certificates to "false".
- Define the location of your trusted keystore with the server.keystore.path property.
- Define the password for your trusted keystore with the server.keystore.password property.
- Save your changes.
- Restart the Hyperic Server.
Obtain an SSL certificate from your CA and install it on the Hyperic Agent host.
- Open AgentBundle/AgentHome/agent.properties in a text editor.
- Set the value of agent.setup.acceptUnverifiedCertificate to "false".
- Define the location of your trusted keystore with the agent.keystore.path property.
- Define the password for your trusted keystore with the agent.keystore.password property.
- Save your changes.
- Restart the Hyperic Agent.
4) In the EAM_KEYSTORE table of hyperic database I see the CA signed keystore entry for hyperic-server but I do not see the CA signed keystore entry for hyperic-agent.
Because of which agent and server communication is not happening.
Observation is that self signed (hyperic default keystore) keystore entry of hyperic agent is seen in database table EAM_KEYSTORE even after performing CA signed keystore process.
Could you please provide me the cause for this behavior.
I am not able to establish SSL communication between server and agent because of this issue