The following command creates a new SSL certificate for the agent, installs this new certificate in the agent installation directory, configures the agent to only accept secure connections, and restarts the agent with the new configuration:
ccautil -task secureagent -s <server:port_number> -u <login_name> -p <password> or -pwfile </path/filename> -server <agent_servername> -acp <agent_certificate_password> -cap <certificate_authority_password>
Specifies the HTTP or HTTPS CA Configuration Automation Server name and port number that contains the agent you want to secure.
Specifies a valid CA Configuration Automation Server user login name.
Specifies the user’s password. The password shows as clear text on the command line. Alternatively, you can create and use a scrambled password file for authentication. For more information, see Hash Password Option.
Specifies the user’s password file. You can use this argument in place of -p password.
Specifies the server for which you want to secure CA Configuration Automation Agent communications.
Provides a certificate password for the new agent certificate.
Provides the CA Configuration Automation Server certificate authority password to create the new agent certificate. The agent certificate you are creating must be issued for the proper server.
For more information, about SSL certification and the passwords you must enter to create a new SSL certificate, see Creating and Managing Security Certificates.
The following example creates and installs a new SSL certificate for the agent installed on a server named sqldbserver and enables agent security:
ccautil -task secureagent -S qaserver1:8080 -u bsmith -p user250 -server sqldbserver -acp fzr1000 -cap hdfxd1200
|
Copyright © 2015 CA Technologies.
All rights reserved.
|
|