Forum Discussion

PhilippeAugras's avatar
PhilippeAugras
Brass Contributor
Apr 07, 2021
Solved

SCOM 2019 - Linux monitorint - 100 % Gateways resource pool : need for certificate export ?

Hello,   I have one question regarding Linux monitoring. My client needs to monitor Linux servers and will use resource pools constituted only with Gateway servers (network specifications make impo...
  • ChalakovStoyan's avatar
    ChalakovStoyan
    Apr 08, 2021

    PhilippeAugras 
    Hi Philippe, as the SCX certificates are used to sign the custom OM certificate, which is used by the Nix agent, you need to have them on all members of the resource pool, which is managing the agent/to which the agents are reporting...no matter if this resource pool consists of real Management Servers or Gateway Management Servers....so the answer is YES, you need to have the X-plat certificates on all gateways in the resource pool, to which the Linux agents are reporting..

    I also discussed this with a SCOM legend - Bob Cornelissen, who confirmed this also.
    BobCornelissen:
    "X-plat certificates from all machines in the resource pool - to all other machines in that resource pool, gateways or management servers, but if gateways do the monitoring of the linux machines then the scom management servers do not need those X-plat certificates.

     Looks like this particular scenario is linux servers connected to a group of gateways in a resource pool and the gateways - connected to mgmnt servers. In this scenario the gateways need to exchange each others SCX certificates."

ChalakovStoyan's avatar
ChalakovStoyan
Copper Contributor
Apr 08, 2021

PhilippeAugras 
Hi Philippe, as the SCX certificates are used to sign the custom OM certificate, which is used by the Nix agent, you need to have them on all members of the resource pool, which is managing the agent/to which the agents are reporting...no matter if this resource pool consists of real Management Servers or Gateway Management Servers....so the answer is YES, you need to have the X-plat certificates on all gateways in the resource pool, to which the Linux agents are reporting..

I also discussed this with a SCOM legend - Bob Cornelissen, who confirmed this also.
BobCornelissen:
"X-plat certificates from all machines in the resource pool - to all other machines in that resource pool, gateways or management servers, but if gateways do the monitoring of the linux machines then the scom management servers do not need those X-plat certificates.

 Looks like this particular scenario is linux servers connected to a group of gateways in a resource pool and the gateways - connected to mgmnt servers. In this scenario the gateways need to exchange each others SCX certificates."

Resources