We recommend adding an SSL certificate for your Cohesity host server to the vROps truststore to help provide an added level of security.
To add the SSL certificate to your vROps truststore:
- Obtain the SSL certificate for your Cohesity host server from your Internet browser. Export the certificate as an X.509 Certificate (PEM).
- Copy the certificate to your vROps machine.
Use ‘ssh’ to log in to the vROps machine as the root user, then run the following command:
$VCOPS_BASE/jre/bin/keytool -import -alias <product_alias> -file /tmp/<certfile> -keystore “$VCOPS_DATA_VCOPS/user/conf/ssl/tcserver.truststore” -storepass <truststore_password> -trustcacerts
%VCOPS_BASE%\jre\bin\keytool -import -alias <product_alias> C:\path\to\certfile -keystore “%VCOPS_DATA_VCOPS%\user\conf\ssl\tcserver.truststore” -storepass <truststore_password> -trustcacertsNote: The <truststore_password> is generated by vROps and is located in/storage/vcops/user/conf/ssl/storePass.properties. Copy the password from the ssltruststorePassword=field and paste it in the <truststore_password> placeholder.
- -alias is a unique name for each key that you add (per host)
- certfile is the location where the cert file was saved
- Run the reboot command to re-start the vROps machine for the changes to take effect.