beautypg.com

Local server certificate category – HP Systems Insight Manager User Manual

Page 36

background image

6.

Click Add to add the configurations.

7.

Click Apply to apply the configurations.

To remove IP addresses from the list:

1.

Select Settings from the menu.

2.

In the System Management Homepage box, click the Security link.

3.

Click the IP Restricted Login link.

4.

Select the check box beside the IP addresses you want to remove.

5.

Click Remove.

6.

Click Apply to apply the configurations.

Local Server Certificate category

The Local Server Certificate link enables you to use

certificates

that are not generated by HP.

7

4

1

Alternative Names

Valid server name list.

Create

Create the certificate request.

Organization (O)

The name of the organization.

2

8

5

Organizational Unit (OU).

The name of the unit within the
organization requesting the
certificate.

Create

Re-create the certificate adding the
given alternative names.

PKCS #7 Information

PKCS #7 fields filled.

6

Import

Import the signed certificate.

3

Alternative Name

If you use the following process, the

self-signed certificate

that was generated by the HP SMH is replaced

with one issued by a

certificate authority

(CA).

The first step of the process is to cause the HP SMH to create a Certificate Request (PKCS #10). This
request uses the original private key associated with the self-signed certificate and generates data for
the certificate request. The private key never leaves the server during this process.

After the Public Key Infrastructure PKCS #10 data is created, the next step is to send it to a certificate
authority. Follow your company policies for sending secure requests for and receiving secure certificates.

After the certificate authority returns the PKCS #7 data, the final step is to import this into HP SMH.

After the PKCS #7 data is imported, the original \hp\sslshare\cert.pem certificate file for Windows
and /opt/hp/sslshare/cert.pem (/etc/opt/hp/sslshare/cert.pem in HP SMH 2.1.3
and later on Linux x86 and x86-64) is overwritten with the system certificate from the PKCS #7 data
envelope. The same private key is used for the new imported certificate that was used with the previous
self-signed certificate. This private key is randomly generated at startup when no key file exists.

36

The Settings Page

This manual is related to the following products: