The QRadar Suite Software certificate is used
to access QRadar Suite Software services. The IBM
foundational services certificate is used by QRadar Suite Software to access IBM foundational services IAM. QRadar Suite Software provides an action to validate these
certificates.
About this task
Install the command-line interface (CLI) utility cpctl from
the cp-serviceability pod. For more information, see Installing the cpctl utility.
Procedure
- Log in to your Red Hat OpenShift Container Platform cluster as a cluster administrator by
typing one of the following commands, where <openshift_url>
is the URL for your Red Hat OpenShift Container Platform
environment.
- To ensure that the list of available cpctl actions is
up to date, enter the following command.
The cpctl load command retrieves all of the available actions
that can be run on QRadar Suite Software. The actions
are cached to your local environment.
-
Run the check_cert action by typing the following command.
cpctl diagnostics check_cert --token $(oc whoami -t)
Example
The following output is a sample output of what might display after you run the command.
Get CP4S Route...
localhost ok
Check CP4S Route...
Get IBM Foundational Services Route...
localhost done
Check IBM Foundational Services Route...
Ensure temp dir exists...
localhost done
Fetch CP4S truststore...
localhost done
Test CP4S ingress...
localhost done
Print CP4S Certificate when failed...
Stop if CP4S Certificate is not valid...
Test IBM Foundational Services Ingress...
localhost ok
Print IBM Foundational Services Certificate when failed...
Stop if IBM Foundational Services Certificate is not valid...
Certificates are valid...
- Play recap -
localhost : ok=8 changed=5 unreachable=0 failed=0 rescued=0 ignored=0
What to do next
If the output from the command shows the certificates are invalid, you can replace the
certificates. For more information, see Updating your QRadar Suite Software TLS certificates.