Re-creating Site Credentials

Private and public key encryption creates a chain of signing authority from the IBM BigFix root down through the Site Administrator and including each console operator. If you lose your site credential or change the IP address of your server, the chain is broken. The consequences are serious: you must start again with a new request to IBM for a site certificate. Then you must reinstall the entire system, including all the clients (contact your support technician for details about how you might migrate your clients to a new server) and re-create all the users. If this happens, contact your support technician. To protect your site certificate, follow these important rules:

  • Do not lose the certificate (license.crt) and the private key for your site (license.pvk). Follow standard procedures for backing up and securing critical confidential information.
  • Do not change the IP address and hostname or port number of the server, because it is the primary identifier for your site certificate. Any change to the IP address or port number that was specified when the license was requested negates the license and necessitates a fresh installation of the IBM BigFix system. If you plan to decommission a server, be sure to apply the same IP address and port number to the replacement server.
  • Do not forget your password. Follow your corporate standards for noting and storing your password.
Note: The IBM BigFix Site Administrator can change the password of the site-level key, if they know the current password.