Note: If you are using an iLo-based rack server configuration, you have the ability to enable SSL verification for added security. When Creating an Adapter Instance (HPE ProLiant), set the Verify SSL (iLo only) Advanced Setting to Yes to enable the feature (requires the adapter to validate that the SSL certificate has been added to the vROps truststore). If you leave the setting set to No (default), the management pack will accept all SSL certificates.

To add an SSL certificate to the vROps truststore:

  1. Obtain the SSL certificate for your HPE host server from your Internet browser. Export the certificate as an X.509 Certificate (PEM).
  2. Copy the certificate to your vROps machine.

  3. Use ‘ssh’ to log in to the vROps machine as the root user, then run the following command:

    Linux:

    $VCOPS_BASE/jre/bin/keytool -import -alias <product_alias> -file /tmp/<certfile> -keystore "$VCOPS_DATA_VCOPS/user/conf/ssl/tcserver.truststore" -storepass `grep ssltruststorePassword /storage/vcops/user/conf/ssl/storePass.properties | sed s/ssltruststorePassword=//` -trustcacerts

    Windows:

    %VCOPS_BASE%\jre\bin\keytool -import -alias <product_alias> C:\path\to\certfile -keystore “%VCOPS_DATA_VCOPS%\user\conf\ssl\tcserver.truststore” -storepass <truststore_password> -trustcacerts

    Note: The <truststore_password> is generated by vROps and is located in/storage/vcops/user/conf/ssl/storePass.properties. Copy the password from thessltruststorePassword= field and paste it in the <truststore_password> placeholder.

    Parameter Descriptions:

    • product_alias is a unique name for each key that you add (per host)
    • certfile is the location where the cert file was saved
  4. Run the reboot command to re-start the vROps machine for the changes to take effect.