DX Unified Infrastructure Management

  • Private Community
 View Only

  • 1.  TLS1.2 - 9.20

    Posted Jul 13, 2020 05:45 AM
    Hello expert,

    I have install 9.20. However, I have yet to enable TLS1.2.
    All the agents and hub did not configure to 9.20S. 

    I know that the step is to deploy hub_adapter probe to all the agents and is successful.
    The 2nd step is to issue an cert and enable tunneling on the hub probe and is successful. 
    The 3rd step is to create an robot cert package. However, i could not locate probe commandset: create_robot_cert_package (when select hub probe and ctrl-p)..

    Where can i find create_robot_cert_package?

    Did i miss out any step?  


    Thanks


  • 2.  RE: TLS1.2 - 9.20

    Broadcom Employee
    Posted Jul 13, 2020 10:50 AM
    HI Hong,

    Not sure about what steps you are following but the call back should be in the 9.20S Hub version and above. verify it is a "S" version. Here is a good doc for you to review.
    http://techdocs.broadcom.com/content/broadcom/techdocs/us/en/ca-enterprise-software/it-operations-management/unified-infrastructure-management/9-0-2/upgrading/ca-uim-upgrade-step-3-deploy-the-upgrade/upgrade-uim-server/secure-hub-and-robot-ca-uim-9-sp1.html#concept.dita_f62572d254ddf8ce7e93542f9678695656953779_upgradescenariosUpgradeExistingCAUIM902SetuptoSecureHubandRobot
    Original Message


  • 3.  RE: TLS1.2 - 9.20

    Posted Jul 13, 2020 09:58 PM
    Dear Gregg Stillwell,

    I am currently on 9.20 version without the secure. 
    Isit that i will need to make my hub to 9.20S. In order to create_robot_cert_package?
    I am missing of create_robot_cert_package. 
    Original Message


  • 4.  RE: TLS1.2 - 9.20

    Posted Jul 14, 2020 07:52 AM
    Zhi Lin,

    Hopefully this install is in a development environment and not production. The easiest way to go from non secure to secure, is first ensure secure bus is a 'must have' and if it is run the installer again and this time choose the secure bus option. Manually implementing secure bus is a challenge to say the least.

    ------------------------------
    Support Engineer
    Broadcom
    ------------------------------

    Original Message


  • 5.  RE: TLS1.2 - 9.20

    Broadcom Employee
    Posted Jul 14, 2020 06:17 PM
    Yes I believe only the "S" hub version will have the callback. That Doc link I pasted is/was veru use full in setting up a partial Secure setup if you do not want a full via the install program.
    Original Message


  • 6.  RE: TLS1.2 - 9.20

    Posted Jul 14, 2020 10:05 PM
    Yup. Will proceed with the S hub probe upgrade today. 
    Yea noted on the doc.
    Original Message


  • 7.  RE: TLS1.2 - 9.20

    Posted Jul 14, 2020 10:04 PM
    Haha.
    So far, i always choice the most longer method is to install manual for hubs and agents. 
    Is a production server. But still on implementation phase.
    Original Message


  • 8.  RE: TLS1.2 - 9.20

    Posted Jul 15, 2020 04:10 AM
    Dear all,


    I am able to make it to TLS1.2 for all my agents and primary hub. 

    Now trying to figure out secondary hub.. I should push down the hub secure for secondary hub first instead of primary hub.
    Original Message


  • 9.  RE: TLS1.2 - 9.20

    Posted Jul 17, 2020 03:07 AM
    Hello David,

    I have successful secure my agents and hub on primary hub. However, currently i am stuck on secondary hub. 
    Current status for secure is primary hub and non secure is secondary hub.

    https://techdocs.broadcom.com/content/broadcom/techdocs/us/en/ca-enterprise-software/it-operations-management/unified-infrastructure-management/9-0-2/upgrading/ca-uim-upgrade-step-3-deploy-the-upgrade/upgrade-uim-server/secure-hub-and-robot-ca-uim-9-sp1.html

    My secondary hub is unable to see any archive, therefore i am unable to make it to secure. When load the probe on secondary hub, all appear as raw configuration. Any idea or anyone can advise? I need to make it to secure for secondary hub. 
    Original Message