Map certificate requests to nodes


When the management server receives a certificate request, it attempts to automatically identify the node that the request comes from using the host name. This automatic mapping fails in the following situations:

If the management server fails to map a certificate request to a node, and you know that the node already exists in the database, you can map the certificate request to the node manually. If a node does not already exist in the database, you must configure it before you can map the certificate request. The node is listed under Unmanaged Nodes with Agents in the Configure Managed Nodes dialog.

You can unmap certificate requests if you need to, and then map them to a different node.

As well as mapping certificate requests in the console, you can also map and unmap them from the command prompt.

To map certificate requests to nodes

  1. In the console tree, click Certificate Requests. A table of certificate requests appears in the details pane.
  2. Right-click an unmapped certificate request, and then click All TasksarrowMap to Node. The Map Certificate Request to Node dialog appears.
  3. Navigate the node tree and click the node that you want to map the certificate request to.
  4. Click Map Node.
  5. Read the warning message that appears, and then click OK or Cancel. If you click OK, the management server updates the node's OvCoreID with the OvCoreID from the certificate request. The certificate request then becomes pending and can be granted either automatically or manually.

To unmap certificate requests

  1. In the console tree, click Certificate Requests. A table of certificate requests appears in the details pane.
  2. Right-click a mapped certificate request, and then click All TasksarrowUnmap. You can then map the certificate request to a different node if appropriate.

To map certificate requests from the command prompt

  1. Log in to the management server with an account that is a member of the HPOM administrators group. Open a command prompt.
  2. Use ovowcsa -listpending to get a list of certificate requests.
  3. Map a certificate request by specifying the request ID or host name with the following command:

    ovowcsa -map <request_ID | request_host_name>[=<node_host_name | OvCoreID>] [-force]

    The following restrictions apply:

Related Topics: