Hi, I'm not too sure about this one. You may check in the System Mgt forum to see if more folks can jump in. Though with OME, you can do an omconfig/omremote command to help make it easier to change on a number of servers...something like this maybe.
Kind of on the same topic, but is it possible to script the recreation of the OMSA SSL cert on a number of servers?
I'm trying to use Keytool to create a new certificate, yet I can't edit the keystore.db file (it asks for a password that I haven't been able to find anywhere) as it is, and really really really don't want to resort to manually recreating a certificate on 50+ machines from the GUI.
It would be nice if we could fix this before we installed OMSA...
Thanks for your post. You can get more responses if you post it on the system management forum at the link posted by Rob.
Is there a specific reason you are trying to recreate the certificates on all the servers? The Keystore password is computationally generated for security reasons and will not be found anywhere on the disk.
In my case, yes. We have a wildcard SSL cert that we would like to use instead of having to submit separate CSRs for each server (and paying for each individual cert). Since certificates and keys are bound together, we would need the ability to import both the private key and public cert into the keystore, and without the password it is not possible to do this.
This is a reasonable request and it would be greatly appreciated if information on how to derive the keystore password could be divulged so we can replace the dell certificate in the keystore with one of our own choosing.
Has anyone figured this out? I tool have the same issue. I had a process of replacing the keystore before OMSA switched to using tomcat instead of IBM websphere.. and now I can't edit/work with the existing keystore because the password is hidden. I realize I could probably replace the password with one of my choosing but this would be less secure and I would like to avoid it if possible. I have 40+ servers I need to update the keystores for and doing each one manually doesn't seem the smartest way to do it.
Lios - this is a question on OpenManage Server Administrator (OMSA) and not OpenManage Essentials. You'll have better luck at getting a good answer if you post this question in the general Systems Management forum located here:
DELL-Rob C
3 Apprentice
•
2.8K Posts
0
March 14th, 2012 08:00
Hi, I'm not too sure about this one. You may check in the System Mgt forum to see if more folks can jump in. Though with OME, you can do an omconfig/omremote command to help make it easier to change on a number of servers...something like this maybe.
omconfig preferences webserver attribute=sslencryption setting=
Rob
sys mgt forum:
en.community.dell.com/.../4469.aspx
cgillehe
12 Posts
0
April 17th, 2012 08:00
Kind of on the same topic, but is it possible to script the recreation of the OMSA SSL cert on a number of servers?
I'm trying to use Keytool to create a new certificate, yet I can't edit the keystore.db file (it asks for a password that I haven't been able to find anywhere) as it is, and really really really don't want to resort to manually recreating a certificate on 50+ machines from the GUI.
It would be nice if we could fix this before we installed OMSA...
DELL-Abhijit P
Community Manager
•
711 Posts
0
April 17th, 2012 09:00
Hi,
Thanks for your post. You can get more responses if you post it on the system management forum at the link posted by Rob.
Is there a specific reason you are trying to recreate the certificates on all the servers? The Keystore password is computationally generated for security reasons and will not be found anywhere on the disk.
Regards
Abhijit
subzero2000
2 Posts
0
June 8th, 2012 11:00
In my case, yes. We have a wildcard SSL cert that we would like to use instead of having to submit separate CSRs for each server (and paying for each individual cert). Since certificates and keys are bound together, we would need the ability to import both the private key and public cert into the keystore, and without the password it is not possible to do this.
This is a reasonable request and it would be greatly appreciated if information on how to derive the keystore password could be divulged so we can replace the dell certificate in the keystore with one of our own choosing.
Thanks.
Lios
14 Posts
0
May 1st, 2014 09:00
Has anyone figured this out? I tool have the same issue. I had a process of replacing the keystore before OMSA switched to using tomcat instead of IBM websphere.. and now I can't edit/work with the existing keystore because the password is hidden. I realize I could probably replace the password with one of my choosing but this would be less secure and I would like to avoid it if possible. I have 40+ servers I need to update the keystores for and doing each one manually doesn't seem the smartest way to do it.
Dell-PPrabhu
58 Posts
0
May 1st, 2014 13:00
Lios - this is a question on OpenManage Server Administrator (OMSA) and not OpenManage Essentials. You'll have better luck at getting a good answer if you post this question in the general Systems Management forum located here:
http://en.community.dell.com/techcenter/systems-management/f/4469.aspx
- PPrabhu