Use this topic to change the default Secure Sockets Layer repertoire
key files.
About this task
The default Secure Sockets
Layer (SSL) repertoire is used to securely communicate between internal Java
processes when you enable global security. If you change the key files that
are used by the deployment manager default SSL repertoire, you must change
the default SSL key files of the federated nodes to the same key files that
are used by the deployment manager default SSL repertoire. After changing
the default SSL key files that are used by the deployment manager, but before
federating a new node with global security enabled, you must change the default
SSL key files of the unfederated node to match the key files that are used
by the deployment manager. Without this change, the deployment manager fails
to connect to the unfederated node when the deployment manager attempts to
federate it. Complete the following instructions to configure the deployment
manager and the nodes to use the new key file:
Procedure
- Click Security > SSL > node_SSL_settings .
- Modify the value of the Key File Name and Key File Password fields
to access the new key file.
- Select the format from the Key File Format options that matches
the format used by the new key file.
- Modify the value of the Trust File Name and Trust File
Password fields to access the new trust file.
- Select the format from the Trust File Format options that matches
the format that is used by the new trust file.
- Click Apply to apply the changes.
- If error messages do not display at the top of the window, click Save to
save the changes to the master configuration.
Important: Do
not restart the deployment manager before completing the previous steps for
the default SSL repertoire settings on the federated node or nodes. If you
restart the deployment manager before you change the default SSL key files
for the federated nodes, the deployment manager cannot communicate with the
federated nodes with global security enabled. To fix this problem, revert
the deployment manager default SSL key files back to the original key and
trust files and restart the deployment manager.
What to do next
Repeat the steps for the
SSL settings on each federated node. If a federated node is on a separate
machine, copy the key and trust files onto that machine. After repeating the
steps for each federated node, restart the deployment manager and all of the
federated nodes.