Changing The Communication Encryption Key - Novell SENTINEL 6.1 SP2 - INSTALLATION GUIDE 02-2010 Installation Manual

Hide thumbs Also See for SENTINEL 6.1 SP2 - INSTALLATION GUIDE 02-2010:

Reference manual (232 pages)

Table Of Contents

100

101

102

103

104

105

106

107

108

109

110

111

112

113

114

115

116

117

118

119

120

121

122

123

124

125

126

127

128

129

130

131

132

133

134

135

136

137

138

139

140

141

142

143

144

145

146

147

148

149

150

151

152

153

154

155

156

157

158

159

160

161

162

163

164

165

166

167

168

169

170

171

172

173

174

175

176

Table of Contents

The trust relationship will need to be reset for every Collector Manager using the SSL proxy if the

following circumstances apply:

The Sentinel communication server is reinstalled



The Sentinel communication server is moved to a new server

This procedure can also be used to change a Collector Manager from direct mode to proxy mode.

To Reset Trust Relationship for a Collector Manager:

1 Log into the Collector Manager server as the Sentinel Administrator (esecadm by default).

2 Open the

text editor.

3 Modify "Collector_Manager", "agentmanager_events", and "Sentinel" services in

configuration.xml

sample file:

<service name="Collector_Manager" plugins=""

strategyid="proxied_trusted_client"/>

<service name="agentmanager_events" plugins=""

strategyid="proxied_trusted_client"/>

4 Save the file and exit.

5 Run

%ESEC_HOME%\bin\register_trusted_client.bat

see output similar to this:

E:\Program Files\novell\sentinel6>bin\register_trusted_client.bat

Please review the following server certificate:

Type: X.509

Issued To: foo.bar.net

Issued By: foo.bar.net

Fingerprint (MD5): A8:DF:BA:B2:F3:21:C9:27:28:48:13:B3:FE:F8:B4:AD

Would you like to accept this certificate? [Y/N] (defaults to N): Y

Please enter a Sentinel username and password that has permissions to

Username: esecadm

Password:*********

*Writing to keystore file: E:\Program

Files\Novell\Sentinel6\config\.proxyClientKeystore

6 Restart the Sentinel Service on the server hosting the Collector Manager.

7 Repeat these steps on all Collector Managers using the proxy communication.

6.2 Changing the Communication Encryption

Key

The Sentinel installation allows the administrator to generate a new, random encryption key (stored

in the

.keystore

file must be the same on every machine that has a Sentinel Server component installed in order for

communication to work properly.

Sentinel 6.1 Installation Guide

file in $ESEC_HOME/config or %ESEC_HOME%\config in a

configuration.xml

to use "proxied_trusted_client" strategy ID. Here is an excerpt from a

file) or import an existing

(or

.sh

file. With either approach, the

.keystore

file if on UNIX). You will

.keystore

Table of Contents

This manual is also suitable for:

Sentinel 6.1 sp2

Changing The Communication Encryption Key - Novell SENTINEL 6.1 SP2 - INSTALLATION GUIDE 02-2010 Installation Manual

Related Manuals for Novell SENTINEL 6.1 SP2 - INSTALLATION GUIDE 02-2010

Related Content for Novell SENTINEL 6.1 SP2 - INSTALLATION GUIDE 02-2010

This manual is also suitable for:

Table of Contents