We recommend adding a NetApp HCI host server SSL certificate to the vROps truststore to help provide an added level of security. If you select Verify for the SSL Config Advanced Setting when Creating an Adapter Instance (NetApp HCI), the management pack will attempt to verify the SSL certificate on your vROps system. You should be prompted for this to happen automatically when clicking Test Connection. If you encounter any issues, the following instructions outline how to manually add the SSL certificate to your vROps truststore.
To add the SSL certificate to your vROps truststore:
- Obtain the SSL certificate for your NetApp HCI host server from your Internet browser. Export the certificate as an X.509 Certificate (PEM).
- Copy the certificate to your vROps machine.
Use ‘ssh’ to log in to the vROps machine as the root user, then run the following command:
$VCOPS_BASE/jre/bin/keytool -import -alias <product_alias> -file /tmp/<certfile> -keystore "$VCOPS_DATA_VCOPS/user/conf/ssl/tcserver.truststore" -storepass `grep ssltruststorePassword /storage/vcops/user/conf/ssl/storePass.properties | sed s/ssltruststorePassword=//` -trustcacerts
%VCOPS_BASE%\jre\bin\keytool -import -alias <product_alias> C:\path\to\certfile -keystore "%VCOPS_DATA_VCOPS%\user\conf\ssl\tcserver.truststore" -storepass <truststore_password> -trustcacerts
- <product_alias> is a unique name for each key that you add (per host)
- <certfile> is the location where the cert file was saved
- Run the reboot command to re-start the vROps machine for the changes to take effect.