After full OM agent was installed, certificate server switched from BSM DPS to OMW server

  • Document ID:KM00608764
  • Creation Date:15-Oct-2013
  • Modified Date:18-Feb-2014
    • Micro Focus Products:
      operations bridge manager
      application performance management (bac)

Summary

certificates

Error

After a full OM agent was installed, the certificate server switched  from the BSM DPS to the OMW server.

Fix

To resolve this, first remove the full OM agent and make sure all agent related configurations are removed also clean ovconchg file with ovconfchg –edit,  backup file remove all agent related lines
Gateway should have these entries
[ctrl]
START_ON_BOOT=true
[sec.cm.certificates]
CERT_INSTALLED=TRUE
LAST_CERT_UPDATE=Tue Feb 12 12:24:53 2013
LAST_TRUSTED_CERT_UPDATE=Fri Feb 15 07:53:08 2013
[sec.cm.client]
CERTIFICATE_DEPLOYMENT_TYPE=Manual
CERTIFICATE_SERVER=DPSIPADDRESS
[sec.core]
CORE_ID=ec07abd2-792a-7561-19ac-e5343c5709b1
And DPS should look like this :
[ctrl]
START_ON_BOOT=true
[sec.cm.certificates]
CERT_INSTALLED=TRUE
LAST_CERT_UPDATE=Tue Feb 12 12:24:53 2013
LAST_TRUSTED_CERT_UPDATE=Fri Feb 15 07:53:08 2013
[sec.cm.client]
CERTIFICATE_DEPLOYMENT_TYPE=Manual
CERTIFICATE_SERVER=DPSSERVERIP
[sec.core]
CORE_ID=ec07abd2-792a-7561-19ac-e5343c5709b1
 
b. Remove all the certificates from  DPS and Gateway with ovcert –remove CERTID (can get the certid with ovcert –list command)
 
c. Remove  BSM  DPS and BSM  Gateway certificates from OMW server
d. run opr-configure-certificates.bat from DPS and gateway without –n option
e. Use following steps to generate new certificates
 
BSM Gateway
BSM server: ovcert -exporttrusted -file bsmGTW.cert -ovrg server
OM server: ovcert -exporttrusted -file om.cert -ovrg server
Copy bsm.cert and om.cert to a share mounted on both servers
BSM server:  ovcert -importtrusted -file om.cert
BSM server:  ovcert -importtrusted -file om.cert -ovrg server
OM server: ovcert -importtrusted -file bsmGTW.cert
OM server: ovcert -importtrusted -file bsmGTW.cert -ovrg server
 
Verify using ovcert -list, ovcert –check
Use bbcutil –ping to verify communication:
OM: bbcutil –ping <BSM hostname>
BSM: bbcutil –ping <OM hostname>
 
BSM DPS
BSM server: ovcert -exporttrusted -file bsmDPS.cert -ovrg server
OM server: ovcert -exporttrusted -file om.cert -ovrg server ( you cna use same Om.cert)
Copy bsmDPS.cert and om.cert to a share mounted on both servers
BSM server:  ovcert -importtrusted -file om.cert
BSM server:  ovcert -importtrusted -file om.cert -ovrg server
OM server: ovcert -importtrusted -file bsmDPS.cert
OM server: ovcert -importtrusted -file bsmDPS.cert -ovrg server
Verify using ovcert -list, ovcert –check
 
Use bbcutil –ping to verify communication:
OM: bbcutil –ping <BSM hostname>
BSM: bbcutil –ping <OM hostname>
f.  Stop BSM  Gateway and DPS
g. run post install.bat from HPBSM\bin on DPS first and gateway second
h. Start DPS and Start gateway