The configuration of the TCPS service requires a certain amount of understanding about keystores and certificates. It is similar to the HTTPS configuration of Weblogic, so if you are involved in setting up overall Oracle VM security, this will be straightforward.
It's preferred to use the bundled scripts to create keystore and enable TCPS service for Oracle VM Manager.
When you perform a fresh install of Oracle VM Manager 3.1.1, 3.2.x or 3.3.x, scripts are provided under /u01/app/oracle/ovm-manager-3/bin of the Oracle VM Manager server
· secureOvmmTcpGenKeyStore.sh: create the keystore
· secureOvmmTcp.sh: use the generated keystore to enable the TCPS service for Oracle VM Manager
For Oracle VM Manager 3.2.x and 3.3.x, the scripts are included as part of the default installation.
For detailed instructions how to use the scripts, please refer to the documentation:
- Oracle VM Manager 3.1.1: Enabling Remote Log Ins of Oracle VM Installation and Upgrade Guide.
- Oracle VM Manager 3.2: http://docs.oracle.com/cd/E35328_01/E35330/html/vmiug-manager-tcps.html
- Oracle VM Manager 3.3: http://docs.oracle.com/cd/E50245_01/E50251/html/vmadm-utils-tcps.html
After you follow the instructions to create keystore and enable TCPS service for Oracle VM Manager. Once Oracle VM Manager is restarted, you can verify the status to confirm that Oracle VM Manager is now listening for TCPS requests on port 54322 by default.
| # netstat -a | grep 54322 tcp 0 0*:54322 *:* LISTEN |
For more information, see the following links:
- Oracle VM Download: http://www.oracle.com/technetwork/server-storage/vm/downloads/index.html
- Oracle VM Documentation: http://www.oracle.com/technetwork/server-storage/vm/documentation/index.html
- Oracle Enterprise Manager Documentation: Registering Oracle VM Manager
No comments:
Post a Comment