Summary :
To add a Cloud user for PCA, a certificate is required. This certificate must be downloaded from PCA before adding the Cloud user . In this article we will walk you thru How to download the certificate from PCA and successfully add the cloud user for PCA
Steps to download the PCA certificate and cloud user add via RMM CLI
1) Check the network connectivity from RMM to PCA via port 443
First make sure RMM to PCA environment network connectivity is established via port 443
Test the network connection to api
ping <fqdn of the PCA >
nc -vz <fqdn of the PCA > 443
If the network connectivity test fails, please troubleshoot the issue and ensure that port 443 is open between the RMM and the PCA before proceeding to the next steps
2) Command to download the certificate from PCA
once the network connectivity test passed use the below cmd to download the certificate from PCA
ssh in to rmm sudo su curl -ko pca-cert.pem https://<fqdn>/cachain
Note: Replace the fqdn for the PCA
This will download the certificate for the PCA for cloud user add
3) Cloud user add via RMM cli
Use the below cmd to add cloud user
clouduser add <username> -p oci --oci-user-id <oci_user_ocid> --oci-pkfilepath <path_to_key_file> --oci-tenantid <tenant_id> --region <fqdn of PCA > --oci-fingerprint <fingerprint> --oci-compartment-id < compartment id> --certificate < Path for the PCA certificate downloaded via curl cmd >
Reference
You can refer to the RMM 7.4 Cloud Parameters and Operations Guide, Section 3.1 OCI Cloud User Parameters, for instructions on how to obtain other Oracle Cloud user parameters such as the OCI User ID, fingerprint, and more