Kit File Name: VSI-I64VMS-WBEMCIM-V0300-E180108-1.zipexe Release Notes for VSI Wbem Services (WBEMCIM) V3.0E180118 for VSI OpenVMS Integrity Servers. This kit will install on any VSI OpenVMS system with VSI SSL1 installed. Special Instructions --------------------------- After installing the kit run SYS$COMMON:[WBEM_Services]WBEM_Services$Config.exe to implement the bug fixes on your systems. Bug fixes in this kit ------------------------- 1. WBEM Services configuration fails with error message similar to below: SYS001: directory SYS$SPECIFIC:[WBEM_Services.var.opt.hp.sslshare]*.pem %DIRECT-E-OPENIN, error opening SYS$SPECIFIC:[WBEM_SERVICES.VAR.OPT.HP.SSLSHARE]*.PEM;* as input -RMS-E-DNF, directory not found -SYSTEM-W-NOSUCHFILE, no such file The WBEMCIM V3.0D180118 introduced a problem kit: The WBEMCIM key and certificate files, client.pem, file.pem and server.pem location change details: New location: SYS$SPECIFIC:[WBEM_Services.var.opt.hp.sslshare] Old location: SYS$COMMON:[WBEM_Services.etc.opt.hp.sslshare] This above change did not account for the user changing the location of the WBEM configuration and repository files. The corrected new location of the files is : New location: WBEM_VAR:[opt.hp.sslshare] Special Installation Instructions: If only one system boots off the system disk you are upgrading, the instructions below need only be executed once on the installation node. Prior to installation of this kit, shutdown wbem services on all cluster nodes booted off the system disk. Use @sys$startup:wbem_services$shutdown to stop WBEM services. Install this kit, WBEMCIM V3.0E. On every node booted from the installation system disk: $ Run sys$common:[WBEM_Services]WBEM_Services$Config.exe When prompted to start the CIMSERVER enter YES, the default: Do you want to start the CIMServer now (Yes/No) [Yes]? The CIMSERVER should start successfully on each node. If there is a problem starting CIMSERVER verify the certificate and key files are written to the new location: $ directory SYS$SPECIFIC:[WBEM_Services.var.opt.hp.sslshare]*.pem 2. WBEM configuration fails with the follow error message: %NONAME-E-NOMSG, Message number 00000002 This System is configured for TCPIP Ipv6. WBEM Services does not support IPv6. Please Configure the system for Ipv4 only and run:SYS$SYSROOT:[WBEM_Services]WBEM_Services$Co nfig.exe. When you run WBEM configuation with EXTENDED process parse style and the DECC$ARGV_PARSE_STYLE logical set to 1, the Ipv6 check fails unexpectedly. The problem was worked around by SET PROCESS/PARSE_STYLE=TRADITIONAL. Release notes for the previous VSI releases: ============================================ =================================================== Release Notes for VSI Wbem Services v3.0D for OpenVMS =================================================== Release Notes for VSI Wbem Services (WBEMCIM) V3.0D180118 for VSI OpenVMS Integrity Servers. This kit will install on any VSI OpenVMS system with VSI SSL1 installed. New Features in this kit ------------------------- 1. WBEM SSL certificate is now signed with SHA256 algorithm 2. WBEM SSL certficate is signed using a 2048 bit key 3. Self signed certificate information change for HP to VSI 4. WBEM Server/client private key and certificate are moved to a system specific directory. Multiple systems booted off a common system disk will have the correct hostname in the certificate commonName (CN) field. Notes: The WBEMCIM key and certificate files, client.pem, file.pem and server.pem location change details: New location: SYS$SPECIFIC:[WBEM_Services.var.opt.hp.sslshare] Old location: SYS$COMMON:[WBEM_Services.etc.opt.hp.sslshare] Special Installation Instructions: If only one system boots off the system disk you are upgrading, the instructions below need only be executed once on the installation node. Prior to installation of this kit, shutdown wbem services on all cluster nodes booted off the system disk. Use @sys$startup:wbem_services$shutdown to stop WBEM services. Install this kit, WBEMCIM V3.0D. On every node booted from the installation system disk: $ Run sys$common:[WBEM_Services]WBEM_Services$Config.exe When prompted to start the CIMSERVER enter YES, the default: Do you want to start the CIMServer now (Yes/No) [Yes]? The CIMSERVER should start successfully on each node. If there is a problem staring CIMSERVER verify the certificate and key files are written to the new location: $ directory SYS$SPECIFIC:[WBEM_Services.var.opt.hp.sslshare]*.pem Release Notes for VSI Wbem Services (WBEMCIM) V3.0C180118 Kit is required for WBEM Services compatibility with the VSI TCPIP V10.5 release. Kit contains small cosmetic updates for support of HPE Integrity i6 servers. Kit contains updates allowng better operation when using Multinet TCPIP stack. Multinet TCPIP stack is not officially supported by HPE versions of WBEM services. Post Installation Instructions ------------------------------ After installation the WBEM_Services$Config.exe image must be run to regenerate WBEM scripts. The run will create scripts that are compatible with both TCPIP Services V5.7 and with VSI TCPIP V10.5. $ run SYS$COMMON:[WBEM_SERVICES]WBEM_Services$Config.exe WBEM Services for OpenVMS Configuration Utility 2.80.42 Copyright 2009-2010, Hewlett-Packard Company. This utility initializes the environment required to run HP WBEM Services for OpenVMS (WBEMCIM) on this system. The CIMServer process will use the following UIC: [SYSTEM]. The configuration files and repository will be placed in the following location: SYS$SPECIFIC:[WBEM_Services]. Do you want to change this location (Yes/No) [No]? A repository has been found; but upgrading your repository is not needed because the schema has not changed. All configuration questions have been answered. Do you want to continue (Yes/No) [Yes]? This utility creates: SYS$STARTUP:WBEM_Services$Startup.com which should be added to SYS$STARTUP:SYSTARTUP_VMS.COM. This utility creates: SYS$STARTUP:WBEM_Services$Shutdown.com which should be added to SYS$STARTUP:SYSHUTDWN.COM. This utility creates: SYS$SYSROOT:[wbem_services]WBEM_Services$Define_Commands.com which users who use this product can add to their login.com. Do you want to start the CIMServer now (Yes/No) [Yes]? NO =================================================== Release Notes for VSI Wbem Services v3.0C for OpenVMS =================================================== VSI WBEM Services v3.0 is required for compatibility with the VSI SSL1 product. VSI SSL1 updates OpenVMS SSL to the OpenSSL V1.0.2h version. VSI WBEM Services v3.0 will install on any VSI OpenVMS system with VSI SSL1 installed. ===================================================== Release Notes for VSI Wbem Services v3.0B for OpenVMS =================================================== VSI WBEM Services v3.0 is a rebuilt version of the HP V3.0.2 WBEM Services for OpenVMS Kit. The VSI kit will recognize HP i4 Integrity Hardware but is not updated to handle new indications or errors emitted from the i4 hardware. VSI WBEM Services v3.0 will install on VSI OpenVMS V8.4-1H1 or later. Release notes for the previous HPE releases: =========================================== Release Notes for HP Wbem Services v3.0 for OpenVMS HP WBEM Services v3.0 is applicable for OpenVMS V8.4 and OpenVMS V8.3-1H1 on supported HP Integrity Servers. It is a remedial release that addresses the following: 1.POODLE Vulnerability: This vulnerability is fixed by disabling SSL v3.0 protocol 2.Weak ciphers like DES-CBC-SHA are disabled. The default string for ciphers used by WBEM Services is "DEFAULT:!LOW:!EXP:!MD5". Users could customize the cipher string by defining a logical WBEM_SSL_CIPHER_SUITE before starting WBEM Services. $DEFINE /SYS/EXEC WBEM_SSL_CIPHER_SUITE “” 3.It supports creation of CIMSERVER dumps off system disk by defining a logical WBEM$PROCDMP before starting the WBEM Services $ DEFINE/SYS WBEM$PROCDMP XYZ$DKA0:[MY_DIRECTORY] 4.While attempting to create a new WBEM user account (using cimuser -a -u), the displayed message is over-written with another message when there is a password mismatch. This problem is fixed. 5.The "Current Time Zone" for an OpenVMS managed node is shown as "GMT -5:-30" instead of "GMT +5:30" by HP-SIM. Release Notes for HP Wbem Services pre-v3.0 for OpenVMS The following release notes address late-breaking information about WBEM Services for OpenVMS. 1 Based on OpenPegasus 2.9.0 WBEM Services for OpenVMS Version 2.90 is based on the OpenPegasus 2.9.0 code stream of the The OpenGroup's Pegasus Open Source project. 2 OpenPegasus 2.9.0 uses CIM Schema 2.17.1. The follow table shows the relationship between OpenPegasus and CIM Schemas. The technical information is only of interest to software developers. OpenPegasus | CIM Schema ============================== 2.9.0 | 2.17.1 2.8.0 | 2.17.1 2.7.1 | 2.13.1 2.6.1 | 2.9 3 Fixes to OpenVMS 8.3-1H1 This release requires OpenVMS 8.3-1H1 and ECO patches from www.itrc.hp.com for OpenVMS 8.3-1H1. 4 Remove WBEM Services Version 2.0 before upgrading. If you are upgrading from WBEM Services 2.0, follow these special instructions. These steps are not required for WBEM Services 2.54 and later. PCSI attempts to remove previous versions of WBEM Services before installing a new version; however, the repository and other files that are created after installation are not be removed by PCSI. If WBEM Services V2.0 is running on your system, HP recommends that you use the PRODUCT REMOVE WBEMCIM command to uninstall rather than installing the product as an upgrade. In addition, manually delete the sys$sysroot:[wbem_services...] directory tree. After you upgrade from 2.0, products such as iCAP will not work until you reconfigure them (see sys$manager:icap$config.com). 5 Use Quotes Around Command Line Options Be sure to use quotes around a command line option to preserve its case. For example, use: $ cimmofl "-E" "-xml" not: $ cimmof -E -xml 6 iCAP/nPar Previous kits included the repository files for iCAP and nPar. As of WBEM Services V2.54, these files are shipped separately and installed with the iCAP/nPar software. 7 WBEMProviders Startup and shutdown of WBEMProviders has been added. When the WBEMProviders software has been installed, the WBEMProviders startup and shutdown command procedures are called from the WBEM Services startup and shutdown command procedures. 8 HTTP (non-secure) port disabled. By default, WBEM Services is shipped with the HTTPS port enabled and the HTTP (non-secure) port disabled. HP recommends you maintain this secure configuration. 9 OpenSSL Previously, WBEM Services used its own version of OpenSSL. WBEM Services 2.7.1 switched the OpenSSL shareable libraries (sys$share:ssl$*.exe), which are installed on your system by OpenVMS. 10 OSinfo.exe - Time Display Is Off by One Hour. When OpenVMS automatic daylight saving time switching is disabled (system parameter AUTO_DLIGHT_SAV is set to 0), the local time displayed by OSinfo can be different than the results of the DCL $show time command. This is a system configuration problem that the system manager can fix; it occurs when $set time is used to adjust for daylight saving and standard time instead of using sys$examples:daylight_savings.com, which also adjusts the UTC calls used by this product. To correct this problem, refer to the OpenVMS System Manager's Manual: "Setting Time in an OpenVMS Cluster Environment". 11 WBEM_Services 2.53 removed the restriction 4.3.1 from the OpenVMS V8.3 Release Notes. A very large PGFLQUOTA is no longer required. You can reset the value of the SYSTEM account to its previous setting. 12 Support for Providers Only Providers included with OpenVMS are supported. Only the functions and capabilities needed by these providers are supported. 13 Restart cimserver.exe to Unload Providers on OpenVMS After entering the cimprovider -r command, you must stop and restart the cimserver to complete the process of replacing a provider. (OpenVMS does not support unloading a dynamically loaded image.) 14 Repository Not Cleaned Up During Uninstall The PRODUCT REMOVE WBEMCIM command does not remove the repository and other files that are generated after installation. You will have to delete SYS$SYS$SYSROOT:[WBEM_SERVICES.VAR...]*.*;* manually.