Different levels of security can be configured in the Management Pack for Citrix ADC. The least secure configuration is to set the SSL Configuration Advanced Setting to No SSL. The next level of security is to set SSL Configuration to No Verify, and the Management Pack will accept all SSL certificates. For the highest level of security, you can set SSL Configuration to Verify, and the Management Pack will have to verify the SSL certificate on your VMware Aria Operations system.
To add an SSL certificate to the VMware Aria Operations Truststore:
Obtain the SSL certificate for your ADC Appliance server from your Internet browser. Export the certificate as an X.509 Certificate (PEM).
Copy the certificate to your VMware Aria Operations machine.
Use ‘ssh’ to log in to the VMware Aria Operations machine as the root user, then run the following command:
Linux:
$VCOPS_BASE/jre/bin/keytool -import -alias <product_alias> /tmp/<certfile> -keystore “$VCOPS_DATA_VCOPS/user/conf/ssl/tcserver.truststore” -storepass `grep ssltruststorePassword /storage/vcops/user/conf/ssl/storePass.properties | sed s/ssltruststorePassword=//` -trustcacerts
Windows:
%VCOPS_BASE%\jre\bin\keytool -import -alias <product_alias> C:\path\to\certfile -keystore “%VCOPS_DATA_VCOPS%\user\conf\ssl\tcserver.truststore” -storepass <truststore_password> -trustcacerts
Parameter Descriptions:
-alias is a unique name for each key that you add (per host)
certfile is the location where the cert file was saved
Run the reboot command to re-start the VMware Aria Operations machine for the changes to take effect.
