HP ProLiant SL2x170z G6 Server User Manual
Page 50
Shining Light Productions website (
),
and the commands issued in a DOS window to generate the certificate. To generate a certificate
using Win32 OpenSSL:
1.
Download Win32 OpenSSL.
2.
Install and set up OpenSSL.
3.
Using OpenSSL, generate a DSA parameters file:
openssl dsaparam -out server_dsaparam.pem 1024
4.
Generate the DSA private key file, called server_privkey.pem:
openssl gendsa -out server_privkey.pem server_dsaparam.pem
5.
Generate the DSA certificate (public key) file, called server cacert.pem:
openssl req -new -x509 -key server_privkey.pem -out server_cacert.pem -days 1095
6.
When prompted for a distinguished name, enter an appropriate domain name for the servers
that will be receiving the certificate.
7.
After creating the certificate, copy it to a TFTP server that is accessible on the same network
as LO100.
Before importing a certificate or key, you must disconnect from any remote KVMS sessions. Importing
a key or certificate will disconnect your session and reset the LO100 processor. After importing a
key or certificate and LO100 confirms a successful upload, you must log back into LO100.
Installing a certificate or private key through a web browser
The Security Settings page enables you to install new keys and certificates for SSL and SSH
connections.
To install a certificate through the browser:
1.
Log in to LO100 as an administrator.
2.
On the browser main menu navigation bar, click Security Settings.
3.
In the TFTP server IP address field, enter the IP address of the TFTP server.
4.
On the menu under File type, select Certificate.
5.
Enter the file name of the certificate created (server_cacert.pem) in the File Name field. Include
the path relative to the TFTP server root in the file name.
6.
Click Apply.
To install the private key through the browser:
50
Using LO100