How can I Deploy and Activate BCM certificate on my BMC Client Management platform ?
- First step is to verify what is your current security configuration this will determine the way you will have to modify BCM parameters.
- Then verify if BCM Certificate package and rules are available on your BMC Client Management Console
They should be present if your Security Checklist first line is Red in BMC Client Management Console Home Dashboard:
In case BCM Certificate package and rules are not available you can create them with this procedure.
- Now, BCM Certificate package and rules are available, but you may have to modify them in following cases :
1) Your initial security configuration parameter "Trusted Authority" is set to a different value than "amp".
You have to modify rule "Step 1 - Trust BCM Certificate" in order to replace "amp" with the value from your initial security configuration parameter (some customers may have the very old "criston"authority in place) in step 3 :
2) You are deploying "bcm" certificate in order to activate secure communication, as a consequence you have to modify rule "Step 2 - Activate BCM Certificate" in order to set "Secure Communication" with "Securized Send, Receive Both"
You have to modify rule "Step 3 - Trust BCM Certificate" in order to set parameter "Secure Communication" to "Yes" :
- You can then assign rule "Step 1 - Deploy BCM Certificate" to all your devices.
Once rule "Step 1 - Deploy BCM Certificate" is successfully executed on all devices you can assign rule "Step 2 - Activate BCM Certificate" on all devices.
Same way rule "Step 3" must be successfully executed on all devices before assigning rule "Step 3 - Trust BCM Certificate" to all devices.
Notes that if rules 3 is executed on some devices while rules 1 or 2 are not executed yet on some other devices, communication is broken between these two different groups of devices.