beautypg.com

Acquiring a signed certificate, Acquiring a self-signed certificate, Acquiring a signed and trusted certificate – HP XP7 Storage User Manual

Page 17: Uploading the signed certificate

background image

For some fields there will be a default value.

If you enter '.', the field will be left blank.

-----

Country Name (2 letter code) [AU]:JP

State or Province Name (full name) [Some-State]:Kanagawa

Locality Name (eg, city) []:Odawara

Organization Name (eg, company) [Internet Widgits Pty Ltd]:Hitachi

Organization Unit Name (eg, section) []:ITPD

Common Name (eg, YOUR name) []:192.168.0.1

Email Address []:

Please enter the following 'extra' attributes

to be sent with your certificate request

A challenge password []:

Acquiring a signed certificate

After creating private key and public key, please acquire signed certificate file of public key. Below
are the three ways to acquire signed certificate file.

Create a certificate by self-signing.

Acquire a certificate of certificate authority which is used within your company.

Acquire an official certificate by requesting one from a certificate authority such as VeriSign.

When you send a request to a certificate authority, specify SVP as the host name. There will
be an extra charge.

NOTE:

HP recommend that self-signed certificates be used only for testing encrypted

communication.

Acquiring a self-signed certificate

To acquire a self-signed certificate, open the command prompt and execute the following command:

c:\key>c:\openssl\bin\openssl x509 -req -sha256 -days 10000 -in

server.csr -signkey server.key -out server.crt

NOTE:

This command uses SHA-256 as a hash algorithm. MD5 or SHA-1 is not recommended

for a hash algorithm due to its low security level.

This creates a server.crt file in the c:\key folder, which is valid for 10,000 days. This is the signed
private key, which is also referred to as a self-signed certificate.

Acquiring a signed and trusted certificate

To acquire a signed and trusted certificate, you must acquire a certificate signing request (CSR),
send that file to a Certificate Authority (CA), and request that the CA issue a signed and trusted
certificate. Each certificate authority has its own procedures and requirements, and there is generally
a cost for doing so. The signed and trusted certificate is the signed Public Key.

Uploading the signed certificate

To use SSL-encrypted communication, you must update and upload the private key and the signed
server certificate (Public Key) to the SVP.

Setting up SSL encryption

17

This manual is related to the following products:
See also other documents in the category HP Storage: