To use the SSL protocol with the TLS 1.2 protocol for communications
between a server and a monitoring agent, you must specify the cert256.arm certificate
as the default certificate on the Tivoli® Storage
Manager server.
Before you begin
Determine whether the
Tivoli Storage
Manager server is
using the
cert256.arm certificate by default
by issuing the following command:
gsk8capicmd_64 -cert -list -db cert.kdb -stashed
Review
the output to determine whether the
TSM Server SelfSigned
SHA Key label is set as the default certificate. If it is
not the default, complete the steps in the procedure.
Procedure
To specify the cert256.arm certificate
as the default, complete the following steps from the Tivoli Storage
Manager server:
- Issue the following command from the Tivoli Storage
Manager server
instance directory:
gsk8capicmd_64 -cert -setdefault -db cert.kdb -stashed
-label "TSM Server SelfSigned SHA Key"
- Restart the Tivoli Storage
Manager server so
that it can receive the changes to the key database file.
- Optional: To verify that the TSM Server
SelfSigned SHA Key label is set as the default, issue the
following command.
gsk8capicmd_64 -cert -list -db cert.kdb -stashed