Skip to main content
Version: 5.0

Verifying SME-RE and Inventory Certificates

After updating certificates, you must verify that SSL settings are correctly applied not only to core system components but also to auxiliary modules like SME-RE and Inventory.

SME Remote Executor Verification

SME-RE uses SSL parameters configured in the application.properties file. Verify the file contains correct certificate paths:

File location: ${OSD_HOME}/utils/sme-re

Example configuration:


# ssl paramaters
server.ssl.enabled=true
server.ssl.certificate=/app/opensearch/config/node-cert.pem
server.ssl.certificate-private-key=/app/opensearch/config/node-key.pem
server.ssl.trust-certificate=/app/opensearch/config/ca-cert.pem
# can be need, none, want
server.ssl.client-auth=need

Inventory Verification (if used)

For systems utilizing the Inventory module, verify its SSL configuration:

  • Configuration file: config.yml

  • File location: ${OSD_HOME}/utils/inventory

Recommended to create a backup before making changes:

mkdir -p /app/backup/inventory_$(date +%Y%m%d)
cp ${OSD_HOME}/utils/inventory/config.yml /app/backup/inventory_$(date +%Y%m%d)/

Example SSL parameters in config.yml:

opensearch: ["https://<OS_HOSTS>:9200"]
username: <USERNAME>
password: <PWD>
cert: /app/opensearch/config/ca-cert.pem

Ensure the ca-cert.pem certificate is properly loaded and matches the updated infrastructure certificates.