Cisco Headend Digital Broadband Delivery System

 

100 

4034689 Rev A 

The cacert.pem file on the DNCS must contain all of the trusted root CA certificates. 
This file must exist with a minimum of one trusted certificate for the web instances 
to start.  At this point, this file will either contain the trusted root CA certificates for 
the BOSS Web Service or not exist if the DNCS has only been configured for the STB 
Staging Web Service. 
1  Type the following command and press Enter: 

cat /etc/opt/certs/cacert.pem 

 

2  Did the output from step 1 display certificate text? 



 

If yes, continue with step 3. 



 

If no (a cannot open /etc/opt/certs/cacert.pem message appears), then the 
cacert.pem file does not exist. Type the following command and press Enter 
to copy the cachain.crt file to cacert.pem. 

cp /etc/opt/certs/cachain.crt /etc/opt/certs/cacert.pem

 

3  Type the following command and press Enter to set the file permissions: 

chmod 444 /etc/opt/certs/cacert.pem 

 

Follow these instructions to restart the DNCS http process. 
a  Type the following command and press Enter to stop the http process: 

svcadm -v disable -st http

 

b  Type the following command and press Enter to refresh the http process: 

svcadm refresh http

 

c  Type the following command and press Enter to restart the http process: 

svcadm -v enable -s http

 

Result: The system displays the svc:/network/http:apache2 enabled 
message. 

5  Follow these instructions to restart the DNCS http-dncsws process. 

a  Type the following command and press Enter to stop the http-dncsws 

process: 

svcadm -v disable -st http-dncsws

 

b  Type the following command and press Enter to refresh the http-dncsws 

process: 

svcadm refresh http-dncsws

 

c  Type the following command and press Enter to restart the http-dncsws 

process: 

svcadm -v enable -s http-dncsws

 

Result: The system displays the svc:/network/http-dncsws:apache2-dncsws 
enabled message.