How Can I Import an MDC User Database Cascade Security Certificate?

3

1.Use WinSCP to copy the security certificate (including files cacert.pem, server.crt, and server.key) to the /home/permitdir directory of the active OMS for the CDC.

Use the opadmin account and floating IP address of the management plane to log in to the active OMS.

For details about how to use WinSCP, see How Can I Use WinSCP to Transfer a File in the HUAWEI OceanStor UDS Massive Storage System V100R002C01 Software Installation Guide.


2.Use PuTTY to log in to the active OMS.

Use the opadmin account and Floating IP address of the management plane for login. Run the su - root command to switch to the root account.


3.Run the following command to disable the automatic exit of PuTTY.
TMOUT=0

4.Run the following command to import the security certificate.

sh /opt/obs/scripts/upf/replaceGaussCA.sh -f /home/permitdir –p passwordpassword is the password of the server.key file.

After the certificate is imported successfully, the following output is displayed:
server started
5.Import the security certificate to the standby OMS. OMS02 is used as an example.
a.Run the cd /home/permitdir command to go to the /home/permitdir directory of the active OMS.
b.Run the following command to copy the security certificate (including files cacert.pem, server.crt, and server.key) from the active OMS to the /home/permitdir directory of OMS02.

scp cacert.pem server.crt server.key opadmin@OMS02:/home/permitdir

The opadmin account and password of OMS02 are required.

After the certificate file is copied successfully, the following output is displayed:
cacert.pem 100% 952 0.9KB/s 00:00
server.crt 100% 3046 3.0KB/s 00:00
server.key 100% 891 0.9KB/s 00:00
c.Run the ssh opadmin@OMS02 command to log in to OMS02.
The opadmin account and password of OMS02 are required. After the login, run the su - root command to switch to the root account.

d.Run the following command to disable the automatic exit of PuTTY.
TMOUT=0

e.Import the security certificate to the standby OMS. For details, see Step 4.
6.Import the security certificate for the GSDC and GADC respectively. For details, see Step 1 to Step 5.

Other related questions:
How Can I Change the IP Addresses of the MDC replication plane?
1.Change the IP addresses of the MDC replication plane of each DC. For details, see How Can I Change the IP Addresses of UDS Planes in HUAWEI OceanStor UDS Massive Storage System V100R002C01 Software Installation Guide. 2.Modify the configuration of the VPN device in each DC. For details, refer to the product document of the VPN device. 3.Whether the IP addresses of the MDC replication plane of the GSDC or CDC have been changed? If yes, perform Step 4. If no, no further action is required. 4.Log in to the active OMS of the GADC using PuTTY. Log in as user opadmin using the floating management IP address. Then, run su - root to switch to the root account. 5.Run TMOUT=0 to prevent PuTTY from exiting in a timeout scenario. 6.Run cd /opt/obs/scripts/mdc/scripts to go to the /opt/obs/scripts/mdc/scripts directory. 7.Run the following command to complete changing the IP addresses of the MDC replication plane. Communication among DCs recovers. sh modifyReplicationAddresses.sh (DC ID) (Floating MDC IP address) (MDC replication IP address of the active OMS) (MDC replication IP address of the standby OMS) For example: sh modifyReplicationAddresses.sh UDS_DCD4B110B171022014022506000 192.168.10.1 192.168.10.2 192.168.10.3 The following command output is displayed: modify replication network success!

How can I import licenses to the SMC2.0?
To import licenses to the SMC2.0, perform the following operations: 1. Log in to the web interface of the SMC2.0 as the admin user. 2. Choose Help > View License. 3. Click Import License, select the path for storing the license file, and click Upload. The value of License status is changed to Normal. 4. On the View License page, verify that the imported license is the one you applied for. If the imported license file is not the one you applied for, contact Huawei technical support engineers.

If you have more questions, you can seek help from following ways:
To iKnow To Live Chat
Scroll to top