CA NetQoS Performance Center



Similar documents
Upgrade Guide. CA Application Delivery Analysis 10.1

CA Cloud Service Delivery Platform

CA Spectrum and CA Embedded Entitlements Manager

CA VPN Client. User Guide for Windows

CA Cloud Service Delivery Platform

CA Nimsoft Service Desk

CA Performance Center

CA APM Cloud Monitor. Scripting Guide. Release 8.2

CA Unified Infrastructure Management Server

CA Spectrum. Microsoft MOM and SCOM Integration Guide. Release 9.4

CA Technologies SiteMinder

How To Install Caarcserve Backup Patch Manager (Carcserver) On A Pc Or Mac Or Mac (Or Mac)

CA Spectrum and CA Service Desk

CA Nimsoft Unified Management Portal

CA Cloud Service Delivery Platform

CA Nimsoft Monitor. Probe Guide for Active Directory Response. ad_response v1.6 series

CA Change Manager Enterprise Workbench r12

CA Nimsoft Monitor. Probe Guide for Performance Collector. perfmon v1.5 series

CA Clarity PPM. Connector for Microsoft SharePoint Release Notes. v2.0.00

CA Mobile Device Management. How to Create Custom-Signed CA MDM Client App

Nimsoft Monitor. dns_response Guide. v1.6 series

CA Nimsoft Monitor. Probe Guide for Microsoft Exchange Server Response Monitoring. ews_response v1.1 series

BrightStor ARCserve Backup for Linux

CA ARCserve Backup for Windows

CA Nimsoft Monitor. Probe Guide for DNS Response Monitoring. dns_response v1.6 series

CA Performance Center

Unicenter NSM Integration for BMC Remedy. User Guide

CA Clarity PPM. Connector for Microsoft SharePoint Product Guide. Service Pack

CA Nimsoft Monitor. Probe Guide for URL Endpoint Response Monitoring. url_response v4.1 series

CA Nimsoft Monitor. Probe Guide for Cloud Monitoring Gateway. cuegtw v1.0 series

Arcserve Cloud. Arcserve Cloud Getting Started Guide

CA SiteMinder. Directory Configuration - OpenLDAP. r6.0 SP6

Chapter 1: How to Configure Certificate-Based Authentication

CA Nimsoft Monitor. Probe Guide for Lotus Notes Server Monitoring. notes_server v1.5 series

CA Clarity Project & Portfolio Manager

CA Nimsoft Monitor. Probe Guide for Java Virtual Machine Monitoring. jvm_monitor v1.4 series

CA Nimsoft Monitor. Probe Guide for CA ServiceDesk Gateway. casdgtw v2.4 series

CA Spectrum and CA Performance Center

Chapter 1: How to Register a UNIX Host in a One-Way Trust Domain Environment 3

Deploying Remote Desktop IP Virtualization Step-by-Step Guide

CA Nimsoft Monitor. Probe Guide for Internet Control Message Protocol Ping. icmp v1.1 series

ehealth Psytechnics Integration for User Guide r6.0 SP3

CA SiteMinder. Web Agent Installation Guide for IIS 12.51

HTTP communication between Symantec Enterprise Vault and Clearwell E- Discovery

CA SiteMinder. Web Agent Installation Guide for IIS. r12.5

CA Nimsoft Monitor. Probe Guide for E2E Application Response Monitoring. e2e_appmon v2.2 series

CA ARCserve Replication and High Availability for Windows

Connector for CA Unicenter Asset Portfolio Management Product Guide - On Premise. Service Pack

CA SMF Director. Release Notes. Release

Deploying Personal Virtual Desktops by Using RemoteApp and Desktop Connection Step-by-Step Guide

CA Desktop Migration Manager

CA Unified Infrastructure Management

DevTest Solutions. Local License Server. Version 2.1.2

CA XOsoft Replication for Windows

Wavecrest Certificate

CA Nimsoft Monitor. Probe Guide for iseries System Statistics Monitoring. sysstat v1.1 series

CA Process Automation

How To Enable A Websphere To Communicate With Ssl On An Ipad From Aaya One X Portal On A Pc Or Macbook Or Ipad (For Acedo) On A Network With A Password Protected (

CA Nimsoft Monitor. Probe Guide for Apache HTTP Server Monitoring. apache v1.5 series

Deploying Remote Desktop Web Access with Remote Desktop Connection Broker Step-by- Step Guide

CA Workload Automation Agent for Microsoft SQL Server

Mobile Time Manager. Release 1.2.1

SETUP SSL IN SHAREPOINT 2013 (USING SELF-SIGNED CERTIFICATE)

BrightStor ARCserve Backup for Windows

CA Clarity Project & Portfolio Manager

etrust Audit Using the Recorder for Check Point FireWall-1 1.5

CA ARCserve Replication and High Availability

Dell Statistica Document Management System (SDMS) Installation Instructions

Customizing Remote Desktop Web Access by Using Windows SharePoint Services Stepby-Step

CA Nimsoft Monitor Snap

CA ARCserve Replication and High Availability

BrightStor ARCserve Backup for Laptops & Desktops

CA Workload Automation Agent for Remote Execution

CA Unified Infrastructure Management

CA Mobile Device Management 2014 Q1 Getting Started

Using Self Certified SSL Certificates. Paul Fisher. Quest Software. Systems Consultant. Desktop Virtualisation Group

BrightStor ARCserve Backup for Windows

CA ARCserve Replication and High Availability for Windows

LAB 1: Installing Active Directory Federation Services

CA Nimsoft Service Desk. Compatibility Matrix

CA SiteMinder. Agent for IIS Installation Guide. r12.0 SP3

Enable SSL for Apollo 2015

CA Identity Manager. Glossary. r12.5 SP8

RSA Security Analytics

CA ARCserve Backup for Windows

CA ARCserve Replication and High Availability

CA Unified Infrastructure Management

CA SiteMinder. SDK Overview. r6.0 SP6/6.x QMR 6. Second Edition

Unicenter Patch Management

CA Process Automation

CA Single Sign-On r12.x (CA SiteMinder) Implementation Proven Professional Exam

Setting Up SSL on IIS6 for MEGA Advisor

CA Cloud Storage for System z

Dell One Identity Cloud Access Manager How to Configure Microsoft Office 365

CA Business Intelligence

CA ARCserve Backup for Windows

CA Clarity PPM. Demand Management User Guide. v

INSTALLING YOUR SSL CERTIFICATE ON THE FILEHOLD SERVER ON WINDOWS 2008 X64 ON IIS 7

Arcserve Backup for Windows

Microsoft Exchange 2010 and 2007

Transcription:

CA NetQoS Performance Center Install and Configure SSL for Windows Server 2008 Release 6.1 (and service packs)

This Documentation, which includes embedded help systems and electronically distributed materials, (hereinafter referred to as the Documentation ) is for your informational purposes only and is subject to change or withdrawal by CA at any time. This Documentation may not be copied, transferred, reproduced, disclosed, modified or duplicated, in whole or in part, without the prior written consent of CA. This Documentation is confidential and proprietary information of CA and may not be disclosed by you or used for any purpose other than as may be permitted in (i) a separate agreement between you and CA governing your use of the CA software to which the Documentation relates; or (ii) a separate confidentiality agreement between you and CA. Notwithstanding the foregoing, if you are a licensed user of the software product(s) addressed in the Documentation, you may print or otherwise make available a reasonable number of copies of the Documentation for internal use by you and your employees in connection with that software, provided that all CA copyright notices and legends are affixed to each reproduced copy. The right to print or otherwise make available copies of the Documentation is limited to the period during which the applicable license for such software remains in full force and effect. Should the license terminate for any reason, it is your responsibility to certify in writing to CA that all copies and partial copies of the Documentation have been returned to CA or destroyed. TO THE EXTENT PERMITTED BY APPLICABLE LAW, CA PROVIDES THIS DOCUMENTATION AS IS WITHOUT WARRANTY OF ANY KIND, INCLUDING WITHOUT LIMITATION, ANY IMPLIED WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE, OR NONINFRINGEMENT. IN NO EVENT WILL CA BE LIABLE TO YOU OR ANY THIRD PARTY FOR ANY LOSS OR DAMAGE, DIRECT OR INDIRECT, FROM THE USE OF THIS DOCUMENTATION, INCLUDING WITHOUT LIMITATION, LOST PROFITS, LOST INVESTMENT, BUSINESS INTERRUPTION, GOODWILL, OR LOST DATA, EVEN IF CA IS EXPRESSLY ADVISED IN ADVANCE OF THE POSSIBILITY OF SUCH LOSS OR DAMAGE. The use of any software product referenced in the Documentation is governed by the applicable license agreement and such license agreement is not modified in any way by the terms of this notice. The manufacturer of this Documentation is CA. Provided with Restricted Rights. Use, duplication or disclosure by the United States Government is subject to the restrictions set forth in FAR Sections 12.212, 52.227-14, and 52.227-19(c)(1) - (2) and DFARS Section 252.227-7014(b)(3), as applicable, or their successors. Copyright 2013 CA. All rights reserved. All trademarks, trade names, service marks, and logos referenced herein belong to their respective companies.

Contact CA Technologies Contact CA Support For your convenience, CA Technologies provides one site where you can access the information that you need for your Home Office, Small Business, and Enterprise CA Technologies products. At http://ca.com/support, you can access the following resources: Online and telephone contact information for technical assistance and customer services Information about user communities and forums Product and documentation downloads CA Support policies and guidelines Other helpful resources appropriate for your product Providing Feedback About Product Documentation If you have comments or questions about CA Technologies product documentation, you can send a message to techpubs@ca.com. To provide feedback about CA Technologies product documentation, complete our short customer survey which is available on the CA Support website at http://ca.com/docs.

Contents Chapter 1: Installing and Configuring SSL 7 Prerequisites... 7 Create or Import the Certificate... 7 Create a Self-Signed Certificate... 7 Import a Certificate... 9 Configure the IIS Application... 10 Enable HTTPS Through Single Sign-On... 11 Modify the Single Sign-On XML Files... 12 Modify the Data Source Connection Method... 13 Verify Database Settings... 13 Known Issues... 15 Contents 5

Chapter 1: Installing and Configuring SSL This document shows you how to install and configure Secure Sockets Layer (SSL) for use by CA NetQoS Performance Center and its data sources. Perform the procedures in the order in which they appear in the document. This section contains the following topics: Prerequisites (see page 7) Create or Import the Certificate (see page 7) Configure the IIS Application (see page 10) Enable HTTPS Through Single Sign-On (see page 11) Modify the Single Sign-On XML Files (see page 12) Modify the Data Source Connection Method (see page 13) Verify Database Settings (see page 13) Known Issues (see page 15) Prerequisites Before attempting to configure SSL for CA NetQoS Performance Center, ensure that your data source applications are installed, configured, and registered as data sources for CA NetQoS Performance Center. Create or Import the Certificate SSL requires you to create a self-signed certificate or to import a certificate from CA. Create a Self-Signed Certificate Use this procedure if you did not receive a certificate from CA. Perform the procedure on the CA NetQoS Performance Center console server. (Optional) Also perform the procedure on the data source console server to enable seamless (using SSO) drill down from views in CA NetQoS Performance Center into the data source. Chapter 1: Installing and Configuring SSL 7

Create or Import the Certificate Follow these steps: 1. Click Start, Control Panel, System and Maintenance, Administrative Tools, Internet Information Services (IIS) Manager. 2. In IIS Manager, double-click Server Certificates in the IIS section of the center pane. The Server Certificates pane opens. 3. In the Actions pane, click 'Create Self-Signed Certificate'. 4. In the Specify Friendly Name dialog, enter a name for the certificate. Users will use this name to access the server. 5. Click OK. 6. Verify that the certificate is trusted: a. Click Start and type mmc in the search field. The Console Root window opens. b. Add the certificate snap-in for the local computer: In the Console Root window, click File, Add/Remove Snap-in. Double-click Certificates in the Available snap-ins list and select 'Computer account' from the Certificates snap-in dialog. Click Next. Select 'Local computer' in the Select Computer dialog. Click Finish. Click OK in the Add or Remove Snap-ins dialog. c. In the left pane of the Console Root window, expand Certificates (Local Computer). d. Expand Trusted Root Certification Authorities and click Certificates. The list of certificates appears in the center pane. e. Find your certificate in the list. 8 Install and Configure SSL for Windows Server 2008

Create or Import the Certificate Import a Certificate Use this procedure if you received a certificate from CA. Perform this procedure on the CA NetQoS Performance Center console server. (Optional) Also perform the procedure on the data source console server to enable seamless (using SSO) drill down from views in CA NetQoS Performance Center into the data source. Follow these steps: 1. Click Start, Control Panel, System and Maintenance, Administrative Tools, Internet Information Services (IIS) Manager. 2. In IIS Manager, double-click Server Certificates in the IIS section of the center pane. The Server Certificates pane opens. 3. In the Actions pane, click Import. 4. In the Import Certificate dialog, browse to and select your certificate in the 'Certificate file (.pfx)' field. 5. Provide a password in the Password field if the certificate was exported with a password. 6. Clear the 'Allow this certificate to be exported' check box if you do not want to allow more exports of the certificate. 7. Click OK. 8. Verify that the certificate is trusted: a. Click Start and type mmc in the search field. The Console Root window opens. b. Add the certificate snap-in for the local computer: In the Console Root window, click File, Add/Remove Snap-in. Double-click Certificates in the Available snap-ins list and select 'Computer account' from the Certificates snap-in dialog. Click Next. Select 'Local computer' in the Select Computer dialog. Click Finish. Click OK in the Add or Remove Snap-ins dialog. c. In the left pane of the Console Root window, expand Certificates (Local Computer). d. Expand Trusted Root Certification Authorities and click Certificates. The list of certificates appears in the center pane. e. Find your certificate in the list. Chapter 1: Installing and Configuring SSL 9

Configure the IIS Application Configure the IIS Application The procedure shows you how to configure IIS to respond to SSL requests. Configuring IIS consists of configuring an SSL port for HTTPS, assigning the certificate to the web server, and modifying the HTTP header expiration. Perform the procedure on the CA NetQoS Performance Center server and the data source server. Follow these steps: 1. Configure the SSL port and assign the certificate. By default, IIS does not have a port defined for HTTPS. a. Click Start, Control Panel, System and Maintenance, Administrative Tools, Internet Information Services (IIS) Manager. b. In IIS Manager, expand Sites in the Connections pane and click 'Default Web Site'. c. In the Actions pane, click Bindings. d. In the Site Bindings dialog, click Add. e. In the Add Site Binding dialog, complete the following fields: Type: Select https. IP Address: Select All Unassigned. Port: Enter 443. f. Click OK. SSL Certificate: Select the name of the certificate you created or imported (see page 7). 2. Modify the HTTP header expiration for CA NetQoS Performance Center: a. In IIS Manager, expand the 'Default Web Site' and 'npc' folders. b. Click the 'flex_bin' folder. The flex_bin Home page appears in the center pane. c. In the center pane, double-click 'HTTP Response Headers' in the IIS section. d. In the Actions pane, click 'Set Common Headers'. e. In the 'Set Common HTTP Response Headers' dialog, select the 'Expire Web Content' check box. f. Select 'After' and enter '1' and 'Day(s)' in the fields below. g. Click OK. 10 Install and Configure SSL for Windows Server 2008

Enable HTTPS Through Single Sign-On Enable HTTPS Through Single Sign-On Use the Single Sign-On (SSO) Configuration tool to enable HTTPS. Your changes are propagated to data sources during synchronization. Perform the procedure on the CA NetQoS Performance Center server and the data source server. Follow these steps: 1. On the desktop of the CA NetQoS Performance Center server, double-click the SSO icon to open the tool. 2. Click the Performance Center tab. The field names are clickable links. 3. Click the following field names to make the indicated overrides: Web Site Scheme: Change to https. Important: Although you are changing the scheme, web services continue to run on HTTP. Web Site Host (for SSO version 6.1.3 only): Change to the name of the certificate you created or imported in Create or Import the Certificate (see page 7). Web Site Port: Change to 443. Chapter 1: Installing and Configuring SSL 11

Modify the Single Sign-On XML Files 4. Click the Single Sign-On tab. The field names here are also clickable. 5. Click the following field names to make the indicated overrides: Scheme: Change to https. Port: Change to 443. Note: These fields control the SSO login pages for CA NetQoS Performance Center and the data sources. Modify the Single Sign-On XML Files The SSO configuration XML file controls the SSO settings. Perform this procedure only on the CA NetQoS Performance Center server. Follow these steps: 1. Navigate to the following directory: D:\NETQOS\SingleSignOn\Configuration. 2. Open the NetQoSPerformanceCenter.xml file in a text editing tool. 3. Under <SignInPageProductDefaultURL>, change the Scheme and Port fields as shown in the following picture: Scheme: Change to https. Port: Change to 443. Important: Do not change any other field. 4. Save your changes and close the file. 5. In a command-line window, run the following command: iisreset This command forces the website to reload and enables HTTPS access to the website. 12 Install and Configure SSL for Windows Server 2008

Modify the Data Source Connection Method Modify the Data Source Connection Method Perform this procedure only if you want to seamlessly (using SSO) drill-down from CA NetQoS Performance Center into a data source. This procedure enables the drill-down links to use HTTPS. Follow these steps: 1. In the CA NetQoS Performance Center console, click Admin, Data Sources in the menu bar. 2. Right-click the name of the data source you want to configure and click Edit. 3. In the Edit Data Source dialog, disable the 'Same as above' check box in the Web Console area. Because the web services still run on HTTP, they do not use the same configuration as the data source. 4. Complete the new Host Name, Protocol, and Port fields as follows: Host Name: Provide the same host name that you provided when you created or imported the certificate (see page 7). Protocol: Select 'https'. Port: Enter 443. 5. Click Save. 6. Repeat steps 2 through 5 for each data source you want to configure. Verify Database Settings The final task in the process is to verify several database settings. You want to ensure that CA NetQoS Performance Center uses the same host name or FQDN that is listed on the certificate. Follow these steps: 1. From a command prompt, connect to the CA NetQoS Performance Center database: mysql netqosportal Chapter 1: Installing and Configuring SSL 13

Verify Database Settings 2. From a command prompt, list all the settings for SSO: "select * from performance_center_properties;" The list of settings includes the following fields, which are listed as Priority 1: NpcWebSiteHost: set to the FQDN or hostname NpcWebSiteScheme: set to https NpcWebSitePort: set to 443 SsoScheme: set to https SsoPort: set to 443 3. From a command prompt, change the performance_center_properties value that updates the FQDN or host name in the data_sources2 table: REPLACE INTO performance_center_properties VALUES ('NpcWebSiteHost', 2, 'NPC.fqdn.com', 'N', UNIX_TIMESTAMP()); NPC.fqdn.com Provide the actual FQDN or host name from the certificate. 4. Restart the NetQoS Device Manager Service on the CA NetQoS Performance Center server. After the restart, you will have three entries for NpcWebSiteHost. Each entry has a value of 0, 1, and 2, respectively. The entry with a priority of 2 is the entry for the data_sources2 table. Note: The underlying data sources do not have priority 2 in the performance_center_properties table. 5. Repeat step 1, and then run the following command to display the console settings that CA NetQoS Performance Center uses when generating a PDF: "select * from data_sources2;" The list of settings includes the following fields: ConsoleHost (for SourceID 0, which is CA NetQoS Performance Center): set to the priority 2 NpcWebSiteHost value in performance_center_properties ConsolePort: set to 443 as updated by the NpcWebSitePort value in performance_center_properties ConsoleProtocol: set to https as updated by the NpcWebSiteScheme in performance_center_properties. 14 Install and Configure SSL for Windows Server 2008

Known Issues 6. For the CA NetQoS Performance Center and data source servers, add the DNS suffix to the computer name if you are using FQDN. a. Right-click My Computer and select Properties. b. Click 'Advanced System Settings'. c. On the Computer Name tab, click Change. The Computer Name/Domain Changes dialog opens. d. Ensure the 'Computer name' and 'Domain' or 'Workgroup' fields are accurate. e. Click More. The DNS Suffix dialog opens. f. In the 'Primary DNS suffix of this computer' field, provide the DNS suffix to make the full computer name match the certificate. g. Click OK in the DNS Suffix dialog. h. Click OK in the Computer Name/Domain Changes dialog. i. Click OK in the Properties dialog. j. Reboot the server. 7. Ensure that the URL for accessing CA NetQoS Performance Center matches the FQDN or host name from the certificate and the database settings. Known Issues This topic presents known issues and their workarounds. Images Do Not Appear in a PDF For CA NetQoS Performance Center 6.1.158 and 6.1.194 SP1, images in PDFs sent in scheduled email do not appear when you use SSL. Workaround: Apply the patch to 6.1.158 or 6.1.194 SP1, or install version 6.1.205 SP2, which includes the patch. You can obtain the patch from the following locations: ftp://ftp.ca.com/pub/netqos/product_patches/npc/6.1/26034-npc.6.1.158.ssl.sch edemailpatch.zip ftp://ftp.ca.com/pub/netqos/product_patches/npc/6.1.194%20%28sp1%29/26034 -NPC.6.1.194.SSL.SchedEmailPatch.zip Note: If you upgrade from 6.1.158 to 6.1.194 SP1, reapply the patch after upgrading. You do not need to reapply the patch when upgrading to 6.1.205 SP2 from either of the earlier versions. Chapter 1: Installing and Configuring SSL 15

2026 © DocPlayer.net Privacy Policy | Terms of Service | Feedback  | Do Not Sell My Personal Information