beautypg.com

HP XP7 Storage User Manual

Page 70

background image

Requirements of the new Syslog protocol (TLS1.2/RFC5424)

The new Syslog protocol (TLS1.2/RFC5424) requires the following:

Operation confirmed Syslog server (rsyslog version 4.6.2)

Syslog server certificate. The IP address of the Syslog server in ”Subject Alternative Name: IP
Address” of the Syslog server certificate.

Client certificate. Upload the following:

Notes

Format

Certificate type

Obtain the Syslog server root certificate from the server
administrator.

X.509

Syslog server root
certificate

Convert the Syslog server client certificate that is signed by
a Certificate Authority (CA) to PKCS#12 format. (See

PKCS#12

Client certificate

“Obtaining a client certificate for the new Syslog protocol”
(page 70)

.)

Each certificate has an expiry date, after which you are prevented from connecting to the Syslog
server. Note the expiry dates when preparing certificates.

Contact the Syslog server administrator for the following:

Password set up in the PKCS#12-format client certificate

More information about the certificates

Obtaining a client certificate for the new Syslog protocol

To obtain a client certificate:
1.

Download the program to create the certificate from the following website: OpenSSL website,
http://www.openssl.org/.

2.

Install the OpenSSL program in the C:\openssl folder.

3.

Convert the client certificate to the PKCS#12 format.

Example

The following example to obtain a client certificate, Windows Vista is the operating system. Both
a private key and a public key are created. The client.p12 file is the client certificate in PKCS#12
format. This file is created in the c:\key folder.
1.

Create a private key (.key file). See

“Creating a private key (.key file) ” (page 16)

.

2.

Create a public key (.csr file). See

“Creating a public key (.csr file) ” (page 16)

.

3.

Send the new key to the Syslog server Certificate Authority for signature to obtain a certificate.
The certificate is used as the client certificate.

When preparing a certificate, note its expiration date. If the expiration date passes, you will not
be able to connect to the Syslog server.

Setting and configuring syslog notification for SIMs

You can be notified in syslog format when storage system failures occur.

Prerequisites

You must have the Storage Administrator (Initial Configuration) role to perform this task. See

Table 8 (page 55)

.

You must have a server that supports syslogs.

If a firewall is used, a port must be opened to transfer syslogs.

To configure settings for syslog notification:

70

Configuring the Remote Web Console environment

This manual is related to the following products:
See also other documents in the category HP Storage: