Versions Compared

Old Version 13

changes.mady.by.user Wara Hermosa

Saved on

compared with

New Version Current

changes.mady.by.user Alejandra Barrientos

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

These instructions are applied when SQLDM and Dashboard are installed on different servers and they . They are the continuation of the Resolving Dashboard certificate error message, which means that the Dashboard certificate was already created.

Note
titleCommon Name

Under the Resolving Dashboard certificate error message  instructions make sure instructions, verify that the certificate and the keystore keypair are created to have each server listed as a Common Name (

Newtab2
aliasStep 9
urlhttp://wiki.idera.com/display/Dashboard/Resolving+the+certificate+error+message
).

...

This scenario considers that both products are installed in on different servers:

  • Dashboard is installed and is being accessed on Server 1.
  • SQLDM Services are installed on Server 2.

Once your Dashboard certificate is created on Server 1, follow the steps below

  1. Launch the KeyStore Explorer application, as an Administrator, on Server 1.
    Open the keystore file used for the IDERA Dashboard. When prompted for a password, enter "password", and click OK.
    Image Removed
  2. Right-click on the keypair, select Export, and choose Export Private Key.
    Image Removed
  3. When the Unlock Entry for the Keypair prompts, enter "password", and click OK.
  4. On the Export Private Key Type window, select OpenSSL, and click OK.
  5. On the Export Private Key as OpenSSL from Keystore Entry window, deselect the Encrypt option, update the Export File field if needed, and click OK.
    Image Removed
  6. Install OpenSSL, you can find the available options for this software
    Newtab2
    aliasOpenSSL
    urlhttps://slproweb.com/products/Win32OpenSSL.html
    . Once the installation is complete, launch the Command Prompt with elevated permissions.

  7. Change the directory to the bin folder where the OpenSSL was installed. For example, enter the following command to change the directory:

    Code Block
    languageactionscript3
    themeConfluence
    cd "C:\Program Files\OpenSSL-Win64\bin"

  8. Use the following command as an example to generate the PFX key using the private key and certificate that you previously created.
    "openssl pkcs12 -export -out <file path to the new personal information exchange file>.pfx -inkey <file path path to the private key>.key -in <file path to the certificate>.cer"

    Code Block
    languageactionscript3
    themeConfluence
    openssl pkcs12 -export -out "C:\Program Files\Idera\Dashboard\WebApplication\conf\keystore.pfx" -inkey "C:\Program Files\Idera\Dashboard\WebApplication\conf\localhostone.key" -in "C:\Program Files\Idera\Dashboard\WebApplication\conf\localhostone.cer"

    Once you execute the command, you need to Enter the Export password and the verification password:
    Image Removed
    The PFX key has been created as a result of the command.

    Image Removed

  9. Open the Microsoft Management Console (MMC) by selecting Run from the Start menu, enter "mmc", and click OK.
    Image Added

  10. a. When the MMC window opens, click File from the menu toolbar, and select Add/Remove Snap-in...b.
  11. The Add or Remove Snap-ins window opens, Add Certificates, and click OK.c.
  12. Configure the steps of the Certificate snap-in wizard, and click Finish.e.
  13. Close the Add or Remove Snap-in window by clicking OK.
  14. Expand Certificates, right-click the Personal folder, select All Tasks, and click Import...
    Image RemovedImage Added
  15. Import the .cer certificate under the Trusted Root Certificate Authorities folder on Server 2.
  16. Import the .pfx certificate under the Personal folder on Server 2.
  17. Retrieve the thumbprint of the imported PFX key.
    1. Double-click the imported PFX key.
    2. On the Certificate window, go to the Details tab.

    3. Scroll - down and click Thumbprint. You need to copy the characters from the box.

      Note

      If the thumbprint has extra spaces between the hexadecimal numbers, remove them. For example, the thumbprint ""a9 09 50 2d d8 2a e4 14 33 e6 f8 38 86 b0 0d 42 77 a3 2a 7b" should be edited to ""a909502dd82ae41433e6f83886b00d4277a32a7b".

  18. Follow these last steps to bind the new PFX key by using the commands below:

    1. Open CMD as an Administrator , and execute the following command to delete existing bindings to the IDERA SQL Diagnostic Manager Rest Service on Server 2:

      Code Block
      languageactionscript3
      themeConfluence
      netsh http delete ssl 0.0.0.0:5171

    2. Bind the PFX key by using the following command in an elevated command prompt session on Server 2, GUID SQLDM: 0051d7ed-de72-46d3-ae44-97d566b1ca5a

      Code Block
      languageactionscript3
      themeConfluence
      netsh
http
add sslcert ipport=0.0.0.0:5171 certhash="<thumbprint<PFX of the PFX Key (remove spaces between)>key's thumbprint>" appid="{0051d7ed-de72-46d3-ae44-97d566b1ca5a}" clientcertnegotiation=enable

// Remove the spaces from the PFX Key's thumbprint


Scroll pdf ignore
Newtabfooter
aliasIDERA
urlhttp://www.idera.com
Newtabfooter
aliasProducts
urlhttps://www.idera.com/productssolutions/sqlserver
Newtabfooter
aliasPurchase
urlhttps://www.idera.com/buynow/onlinestore
|
Newtabfooter
aliasSupport
urlhttps://idera.secure.force.com/
|
Newtabfooter
aliasCommunity
urlhttp://community.idera.com
|
Newtabfooter
aliasResources
urlhttp://www.idera.com/resourcecentral
|
Newtabfooter
aliasAbout Us
urlhttp://www.idera.com/about/aboutus
|
Newtabfooter
aliasLegal
urlhttps://www.idera.com/legal/termsofuse