How to manually import the rollup core certificate

Version 1

    For LDMS 8.7sp2 and earlier, the LANDesk Rollup Database application allows the administrator to attach the certificate from the rollup core to the other cores that will rollup data.  This process uses NTLM authentication to establish an authenticated connection to the target core, and then copies the certificate mentioned in the rollup core's ldmain\certificate.usage.ini file to the target core's shared files\cbaroot\certs directory and installs it with certinstall.exe.


    If the group policy on the target core does not allow for NTLM authentication (or if for some other reason this process fails), the following are steps to manually accomplish the certificate attachment:


    1.  Copy the .CER referenced in CERTIFICATE.USAGE.INI on the rollup core to this path on the target core:

    %PROGRAMFILES%\LANDesk\Shared Files\CBAroot\certs


    2.  Copy CERTINSTALL.EXE from LDMAIN on the rollup core to this path on the target core:

    %PROGRAMFILES%\LANDesk\Shared Files\CBAroot\bsa


    3.  On the target core, create the following system environment variable via the properties of My Computer / Advanced tab:

    SERVICE_HOST_PATH=C:\Program Files\LANDesk\Shared Files


    4.  On the target core, change to the %PROGRAMFILES%\LANDesk\Shared Files\CBAroot\bsa directory and run the following command line:

    certinstall.exe <name>.cer


    To verify that the certificate is installed correctly, look in IIS at the Web Sites / Default Web Site / LANDesk / ManagementSuite / Core / CoreRemoteAccessPoint / Properties.  On the Directory Security tab under Secure communications, choose Edit and check to see that there is a RemoteCore.<certname> mapping in the list.