beautypg.com

HP Virtual Connect 8Gb 20-port Fibre Channel Module for c-Class BladeSystem User Manual

Page 56

background image

Virtual Connect domains 56

Field

Possible values

Description

Alternative Name

0 to 500 characters in length

Alternative identifiers for the VC domain that

the certificate should also cover. Examples
include DNS names and IP addresses.

Challenge Password

0 to 30 characters in length

The password for the certificate-signing

request

Confirm Password

0 to 30 characters in length

Confirms the Challenge Password

Unstructured Name

0 to 60 characters in length

This field is for additional information (for
example, an unstructured name that is

assigned to the VC Domain).

The Alternative Name field is automatically populated with the value in the existing certificate, if any.

Additionally, the populated information will include the IP addresses known to the domain (the primary and
secondary module IP addresses, along with the domain IP address if it is configured), as well as associated

DNS names if they are known.
The certificate, by default, requests a valid duration of 10 years (this value is currently not configurable).
When you click Apply, a standardized certificate signing request is generated by the Virtual Connect
Manager using the supplied data. The content of the request in the text box can be sent to the Certificate

Authority of your choice for signing. After it is signed by and returned from the Certificate Authority, you can

upload the certificate using the SSL Certificate Administration (Certificate Upload) screen (on page

56

).

Note that a new certificate request is generated each time you click Apply, so the content might not be the
same each time.

SSL Certificate Administration (Certificate Upload) screen

There are two methods for uploading certificates for use in the Virtual Connect Ethernet module:

Paste the certificate contents into the text field, and then click Upload.

Paste the URL of the certificate into the URL field, and then click Retrieve. The URL field accepts IPv4 or
IPv6 IP addresses. If you are using an IPv6 address, you must put brackets around the IPv6 address in

the ftp/tftp/http URL to return the correct data. For example,
ftp://user1:mypass@[2001:610:1:80aa:192:87:102:43].

The certificate to be uploaded must be from a certificate request sent out and signed by a Certificate Authority

for this particular Virtual Connect Manager. Otherwise, the certificate fails to match the private keys used to

generate the certificate request, and the certificate is rejected.
If the new certificate is successfully accepted and installed by the Virtual Connect Manager, you are
automatically logged out. The HTTP server must be restarted for the new certificate to take effect.
After the signed certificate is uploaded, the certificate is retained. Even if the domain is deleted, the certificate

remains.