1 verifying a certificate, 3 using a certificate authority – HP OneView User Manual

Page 51

Advertising
background image

3.9.2.1 Verifying a certificate

You can verify the authenticity of the certificate by viewing it with your browser.

After logging in to the appliance, choose Settings

→Security to view the certificate. Make note of

these attributes for comparison:

Fingerprints (especially)

Names

Serial number

Validity dates

Compare this information to the certificate displayed by the browser, that is, when browsing from
outside the appliance.

3.9.2.2 Downloading and importing a self-signed certificate

The advantage of downloading and importing a self-signed certificate is to circumvent the browser
warning.

In a secure environment, it is never appropriate to download and import a self-signed certificate,
unless you have validated the certificate and know and trust the specific appliance.

In a lower security environment, it might be acceptable to download and import the appliance
certificate if you know and trust the certificate originator. However, HP does not recommend this
practice.

Microsoft Internet Explorer and Google Chrome share a common certificate store. A certificate
downloaded with Internet Explorer can be imported with Google Chrome as well as Internet
Explorer. Likewise, a certificate downloaded with Google Chrome can also be imported by both
browsers. Mozilla Firefox has its own certificate store, and must be downloaded and imported
with that browser only.

The procedures for downloading and importing a self-signed certificate differ with each browser.

Downloading a self-signed certificate with Microsoft Internet Explorer 9

1.

Click in the Certificate error area.

2.

Click View certificate.

3.

Click the Details tab.

4.

Verify the certificate.

5.

Select Copy to File...

6.

Use the Certificate Export Wizard to save the certificate as Base-64 encoded X.509 file.

Importing a self-signed certificate with Microsoft Internet Explorer 9

1.

Select Tools

→Internet Options.

2.

Click the Content tab.

3.

Click Certificates.

4.

Click Import.

5.

Use the Certificate Import Wizard.
a.

When it prompts you for the certificate store, select Place….

b.

Select the Trusted Root Certification Authorities store.

3.9.3 Using a certificate authority

Use a trusted CA (certificate authority) to simplify certificate trust management; the CA issues
certificates that you import. If the browser is configured to trust the CA, certificates signed by the
CA are also trusted. A CA can be internal (operated and maintained by your organization) or
external (operated and maintained by a third-party).

3.9 Managing certificates from a browser

51

Advertising
Popular Brands
Popular manuals