HP CloudSystem Foundation Guia do Utilizador Página 190
- Página / 211
- Índice
- RESOLUÇÃO DE PROBLEMAS
- MARCADORES
Avaliado. / 5. Com base em avaliações de clientes
NOTE: If you are using a load-balanced (round robin) solution for your directory server,
obtain the FQDN of one node in the server by entering the following commands.
nslookup <directory-server-FQDN>
A list of IP addresses is returned. Select one IP address and enter:
nslookup <directory-server-IP address>
Enter the FQDN returned for this IP address as the <directory-server-FQDN> in the
openssl command above.
3. Edit ldapserver.pem and remove all lines except for the contents of the certificate, and the
Begin Certificate and End Certificate lines.
Keep all certificates in the file so that you include the entire chain. If your certificate chain has
more than one CA, all CAs must be included. Make sure there are no blank lines or white
space.
Example ldapserver.pem file after editing:
-----BEGIN CERTIFICATE-----
M123DTCCAvWgAwIBAgIJANgTCE…
IFl1P+c9Gro82S7z
-----END CERTIFICATE-----
-----BEGIN CERTIFICATE-----
MIIEDTCCAvWgAwIBAgIJANgTCE…
IFl1P+c9Gro82S7z
-----END CERTIFICATE-----
4. Replace the old ldapserver.pem certificate file with the new file using the following
commands:
sudo mv /ci/data/keystone/ldapserver.pem /ci/data/keystone/ldapserver.pem.old
sudo mv ldapserver.pem /ci/data/keystone/ldapserver.pem
sudo chown trm1:keystone /ci/data/keystone/ldapserver.pem
sudo chmod 640 /ci/data/keystone/ldapserver.pem
5. Edit /etc/keystone/keystone.conf and delete the line tls_req_cert = allow.
sudo sed -i "s/tls_req_cert = allow//g" /etc/keystone/keystone.conf
6. Restart the OpenStack-Keystone service.
sudo service openstack-keystone restart
Using Active Directory
Procedure 84 Enabling strong certificate validation if your directory service is Active Directory
1. Export the Certificate Authority (CA) certificate to a file by entering the following command
where Active Directory Certificate Services is running:
certutil -ca.cert CA.cer > ca.pem
2. Copy the ca.pem file to an internal Secure FTP (SFTP) server. Use TEXT as the transfer mode.
3. Log in to the CloudSystem Foundation base appliance console. See Using the CloudSystem
appliances console (page 199).
4. Get the exported ca.pem file from the internal SFTP server.
5. Get the Active Directory server certificate.
sudo openssl s_client -showcerts -host <directory-server-FQDN> -port
636 > ad.pem
190 Enabling strong certificate validation in the CloudSystem Portal
- Abstract 1
- Contents 3
- 4 Contents 4
- Contents 5 5
- 6 Contents 6
- Contents 7 7
- 8 Contents 8
- Contents 9 9
- 10 Contents 10
- Consumers 12
- Administrator 12
- Resources 12
- OpenStack 12
- Features 13
- 2 Concepts and architecture 15
- Associated appliances 16
- Physical servers 17
- User authentication 17
- OpenStack technology 18
- Network tasks and user roles 20
- 3 Security in CloudSystem 22
- Restricting console access 24
- Protecting credentials 25
- 26 Security in CloudSystem 26
- 4 Installation 27
- About Activity 29
- About alerts 30
- About tasks 31
- About the Activity sidebar 31
- Activity states 31
- Icon descriptions 32
- User control icons 33
- Browser requirements 34
- Search resources 35
- 6 Support and other resources 37
- Download audit logs 38
- Create a support dump file 39
- How to contact HP 41
- HP authorized resellers 41
- Documentation feedback 41
- Related information 41
- HP CloudSystem documents 42
- HP Software documents 42
- Related information 43 43
- HP ProLiant servers documents 44
- About managing the appliance 46
- Shut down the appliance 47
- Restart the appliance 47
- Reboot Foundation appliances 48
- Update Foundation appliances 48
- –insecure 51
- 8 Manage users and groups 52
- ◦ Initial password 53
- ◦ User's full name 53
- Authenticating users 54
- Adding a directory server 54
- Add a directory service 55
- 56 Manage users and groups 56
- Add a directory server 58
- Add a directory group 59
- 60 Manage users and groups 60
- Allow local logins 61
- Disable local logins 61
- Challenge = xyaay42a3a 62
- Password: 62
- VET ROME DUE HESS FAR GAS 62
- 9 Manage licenses 63
- License keys 64
- License key format 65
- View license details 66
- 10 Manage security 67
- Verifying a certificate 68
- Configuring cloud resources 70
- 12 Network configuration 73
- About Provider Networks 74
- Delete Provider Network 75
- About Private Networks 76
- About the External Network 77
- 78 Network configuration 78
- About the External Network 79 79
- 80 Network configuration 80
- Managing integrated tools 81
- VMware vCenter Server 82
- VMware vCenter Server 83 83
- 14 Image management 84
- Creating and obtaining images 85
- Add Image 86
- Edit Image 87
- Delete Image 88
- 15 Storage configuration 89
- Edit Block Storage Drivers 90
- Delete Block Storage Drivers 91
- About volume types 91
- Add Volume Types 92
- About Volumes 93
- Understanding Volumes data 94
- Delete Volumes 95
- 16 Compute node creation 96
- Configuring networks 97
- 98 Compute node creation 98
- Creating KVM compute nodes 99
- 102 Compute node creation 102
- 17 Compute node management 103
- 104 Compute node management 104
- Import a cluster 105
- Activate a compute node 105
- Deactivate a compute node 106
- Delete a compute node 107
- Start instance 108
- About Flavors 109
- Flavors in the cloud 110
- Manage flavors 110
- Add Flavor 110
- Delete Flavor 111
- About the Console Dashboard 112
- Dashboard status indicators 113
- Data refresh 114
- Create a security group 118
- Create a key pair 119
- Create a Private network 119
- CloudSystem Portal 122
- Enterprise in the cloud 124
- Multitenancy in Enterprise 125
- 23 Install Enterprise 126
- Enterprise appliance settings 132
- • Current date and time 133
- Set up a template 135
- Create a server group 135
- Create an offering 136
- Deploy an offering 137
- You cannot log in 141
- First-time setup 141
- External difficulties 142
- Enterprise management hosts 142
- Audit log 144
- Licensing 144
- Cannot add directory service 149
- Cannot add directory group 150
- CloudSystem Console 153
- Troubleshooting networks 155
- Neutron CLI 157
- OpenStack Nova command errors 158
- Floating IPs are not working 158
- Troubleshooting images 162
- Troubleshooting storage 166
- Unable to edit a volume type 170
- Troubleshooting compute nodes 173
- Implementation error 182
- 29 Troubleshoot CLI errors 183
- 30 Troubleshoot Enterprise 185
- Part VII Appendices 188
- Using OpenLDAP 189
- Using Active Directory 190
- -----BEGIN CERTIFICATE 191
- MIIEDTCCAvWgAwIBAgIJANgTCE 191
- IFl1P+c9Gro82S7z 191
- -----END CERTIFICATE 191
- Getting help for csadmin 192
- Command syntax and examples 193
- DefinitionArgument 198
Manuais e produtos relacionados com Software HP CloudSystem Foundation
Software HP TC3100 Manual do Utilizador
(121 páginas)
(121 páginas)
Software HP c8000 Workstation Guia do Utilizador
(89 páginas)
(89 páginas)
Software HP PROCURVE 6120 Manual do Utilizador
(589 páginas)
(589 páginas)
Software HP B.06.X Manual do Utilizador
(78 páginas)
(78 páginas)
Software HP 3PAR Guia do Utilizador
(676 páginas)
(676 páginas)
Software HP E3000 Manual do Utilizador
(111 páginas)
(111 páginas)
Software HP 4000S Guia do Utilizador
(246 páginas)
(246 páginas)
Software HP C50 Manual do Utilizador
(484 páginas)
(484 páginas)
Software HP NonStop G-Series Guia do Utilizador
(103 páginas)
(103 páginas)
Software HP B6960-96008 Manual do Utilizador
(396 páginas)
(396 páginas)
Software HP rp7410 Guia do Utilizador
(266 páginas)
(266 páginas)
Software HP 11i Manual do Utilizador
(113 páginas)
(113 páginas)
Software HP 41B Manual do Utilizador
(44 páginas)
(44 páginas)
Software HP P6350 Manual do Utilizador
(316 páginas)
(316 páginas)
Software HP CD52ce Manual do Utilizador
(109 páginas)
(109 páginas)
© 2020, manymanuals-pt.com. Todos os direitos reservados. | 0.051 s |
Manymanuals.com
Manymanuals.de
Manymanuals.fr
Manymanuals.it
Manymanuals.pl
Manymanuals.cz
Manymanuals.es
Manymanuals-pt.com
Comentários a estes Manuais