beautypg.com

Port 2301 category – HP System Management Homepage-Software User Manual

Page 41

background image

for the new imported certificate that was used with the previous self-signed certificate. This private key
is randomly generated at startup when no key file exists.

To create a certificate:

1.

Select Settings from the menu.

2.

In the System Management Homepage box, click the Security link.

3.

Click the Local Server Certificate link.

4.

Replace the default values in the Organization or Organizational Unit fields in the Create PKCS #10
Data box with your values, up to 64 characters.

If not specified, they are filled in with Hewlett-Packard Company for the Organization and
Hewlett-Packard Network Management Software (SMH)

for the Organizational Unit.

5.

Click Create in the Create PKCS #10 Data box.

A screen appears indicating that the PKCS #10 Certificate Request data has been generated and stored
in /opt/hpsmh/sslshare/req_cr.pem for HP-UX, /etc/opt/hp/sslshare/req_cr.pem on
Linux x86 and x64, and systemdrive: \hp\sslshare\req_cr.pem for Windows.

6.

Copy the certificate data.

7.

Use a secure method to send PKCS #10 certificate request data to a certificate authority, request the
certificate request reply data in PKCS #7 format, and request that the reply data is in Base64-encoded
format.

If your organization has its own Public Key Infrastructure (PKI) or Certificate Server implemented, send
the PKCS #10 data to the CA manager and request the PKCS #7 reply data.

NOTE:

A third-party certificate signer generally charges a fee.

8.

When the certificate signer sends the PKCS #7 encoded certificate request reply data to you, copy this
data from the PKCS #7 certificate request reply and paste it into the PKCS #7 information field in the
Import PKCS #7 Data box.

9.

Click Import.

A message appears indicating whether the customer-generated certificate was imported.

10. Restart HP SMH.
11. Browse to the managed system that contains the imported certificate.
12. When prompted by the browser, select to view the certificate and verify that signer is listed as the signer

you used, and not HP, before importing the certificate into your browser.

If the certificate signer you choose sends you a certificate file in Base64-encoded form instead of PKCS
#7 data, copy the Base64-encoded certificate file to /opt/hpsmh/sslshare/cert.pem for HP-UX,
/etc/opt/hp/sslshare/cert.pem

on Linux x86 and x64, and

systemdrive:\hp\sslshare\cert.pem

for Windows; then restart HP SMH.

Port 2301 Category

The Port 2301 link provides options to enable or disable Port 2301. The default value, enabled, preserves
the compatibility with

HP Web-enabled System Management Software

.

System Management Homepage Box

41