Versions Compared

Old Version 5

changes.mady.by.user IDERA

Saved on

compared with

New Version 6

changes.mady.by.user IDERA

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

  1. Install Stunnel on Solaris.
  2. Install the agent on Solaris.

  3. Run the command to see the executed script:

    Code Block
    languagetext
    inetadm -l /network/uptimeagent/tcp | fgrep exec

  4. Run the command to update the executed script for the agent:

    Code Block
    languagetext
    inetadm -m /network/uptimeagent/tcp exec="/usr/sbin/stunnel /usr/local/etc/stunnel/uptimeagent.conf"

    where /usr/sbin/stunnel is the path to the stunnel executable and /usr/local/etc/stunnel/uptimeagent.conf is the path to the uptimeagent.conf built for stunnel to use.

  5. Run the command to see that the executed script has been changed: 

    Code Block
    languagetext
    inetadm -l /network/uptimeagent/tcp | fgrep exec
  6. Create the certificate that will be used by Stunnel.  For example: 

     

     

    Code Block
    languagetext
    openssl req -new -x509 -days 365 -nodes -config stunnel.cnf -out stunnel.pem -keyout stunnel.pem

     

    The following is a sample stunnel.cnf for the openssl program:

...

 # create RSA certs - Server

  1.  

    Code Block
    languagetext
    # create RSA certs - Server
RANDFILE =

...

  1. stunnel.rnd

...

  1. 
[ req ]

...

  1. 
 

...

  1. 
default_bits = 1024

...

  1. 
encrypt_key = yes

...

  1. 
distinguished_name = req_dn

...

  1. 
x509_extensions = cert_type

...

  1. 
 

...

  1. 
[ req_dn ]

...

  1. 
 

...

  1. 
countryName = Country Name (2 letter code)

...

  1. 
countryName_default               = PL

...

  1. 
countryName_min                    = 2

...

  1. 
countryName_max                   = 2

...

  1. 
 

...

  1. 
stateOrProvinceName                   = State or Province Name (full name)

...

  1. 
stateOrProvinceName_default     = Some-State

...

  1. 
 

...

  1. 
localityName                    = Locality Name (eg, city)

...

  1. 
 

...

  1. 
0.organizationName                    = Organization Name (eg, company)

...

  1. 
0.organizationName_default      = Stunnel Developers Ltd

...

  1. 
 

...

  1. 
organizationalUnitName          = Organizational Unit Name (eg, section)

...

  1. 
 #organizationalUnitName_default =

...

  1. 
 

...

  1. 
0.commonName                          = Common Name (FQDN of your server)

...

  1. 
0.commonName_default            = localhost

...

  1. 
 

...

  1. 
# To create a certificate for more than one name uncomment:

...

  1. 
# 1.commonName                  = DNS alias of your server

...

  1. 
# 2.commonName                  = DNS alias of your server

...

  1. 
# ... # See http://home.netscape.com/eng/security/ssl_2.0_certificate.html

...

  1. 
# to see how Netscape understands commonName.

...

  1. 
 

...

  1. 
[ cert_type ]

...

  1. 
nsCertType = server

    7.  Copy stunnel.pem to <stunnel install directory>/uptimeagent.pem

...

  1. 8.  Create the uptimeagent.conf  with the following lines in the stunnel install directory:

    Code Block
    language

...

  1. text
    cert=/etc/stunnel/uptimeagent.pem

...

  1. 
exec=/opt/uptime-agent/bin/uptimeagent