Enabling HTTP in OpManager

Introduction to OpManager
System Requirements
- Hardware and Software requirements
- Scalability Recommendations
- Disk Space Calculator
- System Requirements Calculator
Installation Guide
- Installing OpManager Standard/ Professional Edition
- MSSQL server configuration for OpManager
- MSSQL server configuration for OpManager Linux
- Upgrading OpManager
After Installation
- Starting OpManager
- Register OpManager
- Changing Ports in OpManager
- Changing Port Numbers
- Proxy Server Settings
- Enable secure connection with MSSQL
Global settings
- User Management
- Authentication
Getting Started
- Network monitoring guide
- Discover your network
- Monitor your network
- Visualizing your network
- Alarms and Notifications
- Enable add-ons
- Reports
- Glossary
Discovery and Classification
- Device Templates
- Associating Device Templates
- Interface Templates
- Scheduled Interface Discovery
- Add Credentials
- Discover Individual Devices
- Discovering Networks
- Layer 2 Discovery
- Discovering Add-on devices
- Adding devices using SSH
- Discovery Filter
- Configuring Discovery Rule Engine
- Discovery Troubleshooting
- Supported Device Categories
- Custom Fields
- Automatically updating Custom Fields
Network monitoring
- Availability Monitoring
  - Configuring Monitoring Interval
  - Managing and Unmanaging a device
  - Configuring Device Dependencies
  - Poll using IP Address/DNS
  - Ping Parameter Restriction
  - Availability - Troubleshooting
- Performance Monitoring
  - Group monitors with Perf Groups
  - Monitoring CPU, Memory, Disk Using SNMP
  - Monitoring CPU, Memory, Disk Using WMI
  - Monitoring CPU, Memory, Disk Using CLI
  - Adding More Monitors
  - Adding Custom Monitors
  - Adding SNMP Monitors
  - Deleting performance monitors
  - List of Performance Monitors
  - Adding WMI-based Custom Monitors
  - Device-specific Monitoring Configuration
  - Configuring manual thresholds
  - Adaptive thresholds
- Interface Monitoring
  - Configuring interfaces
  - Idle interfaces
  - Interface Reports
- IPMI Monitoring
  - IPMI Monitoring in OpManager
  - Discovering IPMI interfaces
- Agent-based monitoring
  - Agent-based device monitoring
  - Agent-based vs Agentless monitoring
  - Agent installation
  - Agent installation - GPO Startup script
  - Agent installation - GPO Scheduler
  - Agent installation - SCCM
  - Agent deployment - Endpoint Central
  - Agent deployment - Webclient
  - Enabling TLSV1.2 for secure communication
  - Uninstalling agent
- WLC Monitoring
  - Monitor WLCs
- Cisco Meraki Monitoring
  - Monitoring Cisco Meraki devices
- Cisco UCS Monitoring
  - Discovery and Monitoring
  - Adding Performance Monitors
- IP SLA Monitoring
  - Adding IP SLA monitor using SNMP v3
  - Common queries in IP SLA
  - Adding IP SLA using SNMP v3
- Linux Monitoring
  - Monitoring Linux devices
- SNMP Trap Monitoring
  - SHA-2 authentication
  - Trap Processing
  - Trap Settings
  - Trap Viewer
  - Trap Variables
  - Forward Traps
  - FAQs on SNMP Traps
  - Troubleshooting steps
  - MIB Browser
- Service monitoring
  - Monitoring TCP Services
  - Monitoring TCP Services on a Device
  - Adding New TCP Service Monitors
  - Monitoring Windows Services
  - Adding New Windows Service Monitors
- Process monitoring
  - Monitoring Processes
  - Viewing Active Processes
  - Adding New Process Template
  - Associating Process Template
- Script monitoring
  - Adding Script Template
  - Associating Script Templates
- EventLog monitoring
  - Associating EventLog Rules
- File and Folder monitoring
  - Monitoring Log Files using Agents
  - Adding File Monitoring Template
  - Adding Folder Monitoring Template
- Syslog monitoring
  - Configuring Syslog startup
  - Adding Syslog Rules
  - Configuring Syslog Ports
  - Monitoring Syslog Packets
  - Viewing Syslog Flow Rate
  - Forwarding Syslogs
- URL monitoring
  - Monitoring URLs
  - URL Monitors for Devices
- Hardware monitoring
  - Hardware Health Monitoring
  - Prerequisites for Hardware Monitoring
- VoIP Monitoring
  - Adding a new VoIP Monitor
  - Configuring VoIP Monitor Template
  - Viewing Top 10 Call Paths
- WAN Monitoring
  - Adding a new WAN Monitor
  - Configuring WAN Monitor Template
  - Viewing WAN Monitor Alerts
  - WAN Links
- SD-WAN Monitoring
  - Monitoring SD-WAN
- BGP Monitoring
  - BGP Monitoring
- Other monitoring capabilities
  - Monitoring Access Points
  - Monitoring Windows Event Logs
  - Monitoring CIS-hardened devices
  - Switch Stack Monitoring
  - Self monitoring
  - Application Monitoring
Virtualization monitoring
- VMware Monitoring
- HyperV Monitoring
- Xen Monitoring
  - Discovering Xen Server
  - Xen Performance Monitoring
HCI monitoring
- Nutanix Monitoring
  - Nutanix discovery
- VxRail Monitoring
  - VxRail discovery
Storage Monitoring
- About Storage Monitoring
- Storage Monitoring Protocols
- Supported device models
- Prerequisites to add storage devices
- Discovering Storage Devices
- Managing alerts and notifications
- Storage reports
- Inventory page details
- Supported performance monitors
Network fault management
- Fault Management and Resolution
- Troubleshoot BCP errors
- BCP error codes
Root Cause Analysis
- Create your own RCA
Network Path Analysis
- Create a new Netpath monitor
Alerts
- Manage network faults with alarms
- Forecast alerts
- View alarms
- Perform actions on alarms
- Escalate an alarm
- Suppress an alarm
- Alarm correlation rule
- Process Traps into alarms
- Receive SNMP Traps
- BGP Traps
Notifications
- Mail Server Settings
- OAuth authentication
- Configuring Notification Profiles
- Configure Chat
- SMS Server Settings
- Test SMS Server Settings via API Tool
- Email Alerting
- Custom email templates
- SMS Alerting
- Sound Alerting
- Running a Program
- Log a Ticket
- Run a System Command
- Trap Profile
- SysLog Profile
- Modifying, Deleting a Profile
- Notification Profile Criteria
- Alarm message matches criteria
- Mobile alerts - Android
- Mobile alerts - iOS
IT Workflow Automation
- About Workflow Automation
- Add a new Workflow
- Workflow Checks and Action
- Workflow Variables
- Workflow Triggers
- Viewing Workflow Logs
- Executing Workflows
Network visualization
- Dashboard view
- Inventory
  - Different Types of Views
  - Inventory Shortcuts
- Grouping network components
  - What is a group?
- Maps
Network monitoring reports
- Default Reports
- Custom reports
Integrations supported
- Integrate with ServiceDesk Plus OP
- Integrate with ServiceDesk Plus Cloud
- Integrate with ServiceDesk Plus MSP
- Integrate with Applications Manager
- Integrate with AlarmsOne
- Integrate with ServiceNow
- Integrate with ServiceNow (using an SSL certificate)
- Integrate with Slack
- Integrate with Jira Service Management (On-Premise)
- Integrate with Microsoft Teams
- Integrate with Microsoft Teams (using Webhook)
- Integrate with Telegram
- Integrate with PagerDuty
- Integrate with Cisco WebEx
- Integrate with Eventlog Analyzer
- Create Custom Integration
- Integrate with WhatsApp (via Custom Integration)
- Integrate with Ansible
- Integrate with Grafana
- Integrate with Freshdesk
Application Manager Plug-in
- Monitor using APM plugin
- User controls in APM plugin
Configure Client Settings
- Client Settings
System Settings
- Configuring System Settings
- Database Maintenance
- Events table cleanup
- Graph Display Settings
- Quick Configuration Wizard
- Rebranding OpManager
- Remote PostgreSQL configuration
- Scheduling Downtime
Security Settings
- Enabling HTTPS (upto 123180)
- Enabling HTTPS (from 123181)
- Importing Trusted Certificate
- Security Recommendations
Failover
- Configuring Failover Support
Database Backup
- Data backup and restoration
- Live database backup
Migration
- Migrating OpManager Database
- Migrating OpManager Server
- Migrating Failover server
- Virtual IP Failover - Server Migration
- Migrating OpManager with Agents
- Remote PostgreSQL migration
REST API
- OpManager REST API
Help Videos
- OpManager how-to videos
- OpManager solution videos
Appendix
- Installing SNMP on Windows
- Installing SNMP on Linux
- Installing SNMP on Solaris
- Remote Desktop in OpManager
- Configuring SNMP Agents
- Configuring Agent on Cisco
- Configuring Lotus Agent
- Configuring Oracle Agent
- OpManager Architecture
Best practices
- Security best practices
- PII Settings
- FIPS Compliance
Enterprise edition Guide
- OpManager Architecture
- Installing OpManager Enterprise Edition
- Administrator guide
- Migration and Backup Guide
- OpManager Enterprise Edition - Update Guide
- Probe-Central communication
- Probe-Central communication troubleshooting
- Operating Principle of Enterprise Edition
- Configuring Probe-Central connection
- Scalability features
- Configuring proxy for Probes
Read-Me
- OpManager Read-Me

Enabling HTTPS Configuration

Enabling https helps you have secure data transmission from your end to the server end. By enabling https, the encrypted data will be sent securely to the server whose authenticity will be verified using the SSL certificate. This helps in enhacing network security. To enable HTTPS in OpManager, kindly follow the below steps.

Note:

From version 126278, during installation, SSL will be enabled by default with a self signed certificate in all the editions, to enhance security. Administrator users can update the SSL certificate under Settings -> Security settings. After OpManager has been upgraded to the latest version, SSL will be recommended to be enabled through the UI. Click here to know more about SSL security recommendation

For OpManager versions 123181 and above

Go to Settings → Basic Settings → Security Settings.
Enable the "Secure Mode" button.
Once the button is enabled, you will be prompted to choose from three options, namely:
- Generate a CSR
- Self-signed Certificate
- Import Certificate
Generate CSR:
This option helps you generate a Certificate Signing Request (CSR). A CSR or Certificate Signing request is a block of encoded text that is given to a Certificate Authority when applying for an SSL Certificate. It is usually generated on the server where the certificate will be installed and contains information that will be included in the certificate such as the organization name, common name (domain name), locality, and country. It also contains the public key that will be included in the certificate. A private key is usually created at the same time that you create the CSR, making a key pair. A CSR is generally encoded using ASN.1 according to the PKCS #10 specification.
A certificate authority will use a CSR to create your SSL certificate, but it does not need your private key. You need to keep your private key secret. The certificate created with a particular CSR will only work with the private key that was generated by it. So if you lose the private key, the certificate will no longer work.
Once you click on 'Generate CSR', you will have to fill out a few information for the certificate you want to create for use in OpManager Server.
On clicking the Generate button, your CSR and Server Key files will be downloaded as a ZIP file. Extract the file and use the "OpManager.csr" file to get a signed certificate from a CA of your choice.
After getting signed by the CA, you will get a certificate file which you can import into OpManager using the Import Certificate option discussed below.
Self-Signed Certificate:This option lets you enable SSL in OpManager with a self-generated and self-signed certificate. This certificate is safe to use and is equally secure. But browsers may display them as untrusted since it is not signed by a Valid CA (Certificate Authority).
You will be prompted to restart OpManager for the changes to take effect.
Import Certificate:
Use this option if you already have a valid certificate and key files (or) a keystore or a PFX file with the certificate.
Select a certificate file.
Select the appropriate "key" file.
Verify and choose Import.
If the certificate cannot be validated with trusted sources, you will be asked to provide the intermediate certificates and root certificate files.
Once uploaded, verify the certificate and click Import.
On successful import, you will be prompted to restart OpManager.
Importing from PFX or Keystore:
If you are using a Keystore or a PFX file, you will be prompted to input the password for opening the file.
On clicking Fetch, you will be provided with a list of Key-entries present in the keystore. Choose a specific alias which is to be used to enable SSL in OpManager.
You will be shown a preview of the certificate information, verify and click on Importfor using the certificate.
Finally you will be prompted to restart OpManager for the changes to take effect.
Finally, after enabling SSL through one of the above ways, you will be able to connect to OpManager in secure mode:

Steps to Regenerate a Self-Signed Certificate (From version 128455)

Navigate to Settings -> General Settings -> Security Settings -> SSL Configuration.
Click the edit icon next to SSL Certificate Details.
Select the Self-signed Certificate option and click Create. This action will regenerate the self-signed certificate and apply it for HTTPS connections.
Restart the server to apply the changes.

Note:

To enable SSL in a failover configured instance of OpManager using a third party certificate, the certificate should have the Primary host name as the Common Name, and the Secondary Host name as the Subject Alternative Name (SAN) in it.
If Failover is configured with the Shared folder, once the SSL certificate is applied in the Primary server, the details will be automatically updated to the Secondary server.

SSL Security Recommendation:

During the evaluation, both HTTP and HTTPS ports will be accessible. If HTTP is used, the security recommendation popup will notify the user to use HTTPS when they login.

Enabling HTTPS configuration in OpManager: SSL recommendation

Once the registered license is applied, the user will be prompted to restart once. This restart is required to enable automatic redirection to HTTPS when the web client is accessed using HTTP.

Enabling HTTPS configuration in OpManager: Restart application after license application

After upgrading to version 126278 or above, the admin user will be recommended to enable SSL after login. This notification can be skipped for 2 weeks, after which the recommendation will be displayed again.

Enabling HTTPS configuration in OpManager: Enable SSL

If OpManager Enterprise Edition or an Agent has been installed, the option to disable SSL will be restricted.

Enabling HTTPS configuration in OpManager: OpManager SSL option enabled

Was this content helpful?

We are sorry. Help us improve this page.

How can we improve this page?

Need more information on this topic

Need better screenshots

Need clear step by step instructions

Others

Do you need assistance with this topic?

Yes No

By clicking "Submit", you agree to processing of personal data according to the Privacy Policy.

Identity and access management

Unified service management

Unified endpoint management and security

IT operations management and observability

Security information and event management

Advanced IT analytics

Low-code app development

Cloud solutions for enterprise IT

IT management for MSPs

Active Directory management Manage, track, and secure Active Directory

Identity governance and administrationOrchestrate user identity management and access controls for Zero Trust

Privileged access managementControl and secure privileged access to critical enterprise systems

Enterprise and IT service managementDeliver a consistent employee experience across business functions

Customer service managementBuild a one-stop portal for customers with efficient account management

IT asset managementCentralize and automate the complete IT asset life cycle

SIEM Spot, investigate, and neutralize security threats

Log and compliance managementGain deeper visibility into security events and ensure compliance

Security auditingAudit Active Directory, cloud platforms and files to enhance your security posture

Endpoint management and protection platform (UEM and EPP)Secure and manage endpoints to protect your IT assets effectively

Endpoint managementAchieve intelligent IT device management with zero user intervention

Endpoint securityDefend against threat actors with proactive and reactive measures

Full-stack observability and digital experience monitoringAchieve end-to-end visibility, proactive issue resolution, and enhanced security

Network and server performance monitoringEnsure network, server, and storage reliability with AI-powered insights

IT incident managementEfficiently manage and resolve IT incidents while ensuring transparency

DNS and DHCP managementOptimize IP address and domain management

Cloud cost managementRight-size and take control of your cloud costs

IT analyticsConnect to your IT applications and visualize all facets of your IT

Cloud-native solutions for IT managementMonitor, manage, audit, and secure your multi-cloudand hybrid infrastructure

Business applications for ITBoost productivity and improve team collaboration

Custom solution builderBuild tailor-made apps to automate operations at your organization

Solutions for MSPsGrow your MSP business with scalable and secure IT management solutions

Enabling HTTPS Configuration

For OpManager versions 123181 and above

Steps to Regenerate a Self-Signed Certificate (From version 128455)

SSL Security Recommendation:

How can we improve this page?

Do you need assistance with this topic?

Active Directory
management Manage, track, and secure Active Directory

Identity governance
and administrationOrchestrate user identity management and access controls for Zero Trust

Privileged access
managementControl and secure privileged access to critical enterprise systems

Enterprise and IT service
managementDeliver a consistent employee experience across business functions

Customer service
managementBuild a one-stop portal for customers with efficient account management

IT asset
managementCentralize and automate the complete IT asset life cycle

Network and server
performance monitoringEnsure network, server, and storage reliability with AI-powered insights

IT incident
managementEfficiently manage and resolve IT incidents while ensuring transparency

Cloud-native solutions for IT managementMonitor, manage, audit, and secure your multi-cloud
and hybrid infrastructure