Related topics, Local server certificate – HP System Management Homepage-Software User Manual

6.

Click Save Configuration to save the current configurations, or click Reset Values to cancel
all changes.

If Save Configuration is clicked, the following message appears:

Setting this value requires restarting the HP System Management

Homepage which may require you to log in again

.

7.

Click OK.

Related Topics

•

Security

•

IP Binding

•

Local Server Certificate

•

Local/Anonymous Access

•

Trust Mode

•

Trusted Management Servers

•

User Groups

Local Server Certificate

The Local Server Certificate link enables you to use

certificates

that are not generated by HP.

If you use the following process, the

self-signed certificate

that was originally generated by the HP

System Management Homepage (HP SMH) is replaced with one that was issued by a

certificate

authority

(CA).

•

The first step of the process is to cause the HP SMH to create a Certificate Request (PKCS
#10)

. This request uses the original private key that was associated with the self-signed

certificate and generates the appropriate data for certificate request. The private key never
leaves the server during this process.

•

After the

PKCS #10

data has been created, the next step is to send it to a certificate authority.

You should follow your company policies for sending secure requests for and receiving
secure certificates.

•

After the certificate authority has returned the PKCS #7 data, the final step is to import this
into HP SMH.

•

After the PKCS #7 data has been successfully imported, the original
\hp\sslshare\cert.pem

certificate file for Windows,

/opt/hpsmh/sslshare/cert.pem

file for HP-UX, and /opt/hp/sslshare/cert.pem

(/etc/opt/hp/sslshare/cert.pem in HP SMH 2.1.3 and later on Linux x86 and x86_64)
is overwritten with the system certificate from that PKCS #7 data envelope. The same private
key is used for the new imported certificate as was used with the previous self-signed
certificate. This private key is randomly generated at startup when no key file exists.

To create a certificate:

1.

Select Settings

→System Management Homepage→Security.

2.

Select Local Server Certificate.

3.

Optionally, you can replace the default values in the Organization or Organizational Unit
fields with your own values up to a maximum of 64 characters.

4.

Click Create PKCS #10 Data. A screen appears indicating that the PKCS #10 Certificate
Request

data has been successfully generated and stored in

/opt/hpsmh/sslshare/req_cr.pem

for HP-UX, /opt/hp/sslshare/req_cr.pem

(/opt/hp/hpsmh/data/req_cr.pem in HP SMH 2.1.4 and later on Linux x86 and x86_64),
and <systemdrive>\hp\sslshare\req_cr.pem
(<systemdrive>\hp\hpsmh\data\req_cr.pem in HP SMH 2.1.4 and later) for Windows.

5.

Copy the certificate data.

Security

29