Flow of ssl communication settings, Creating a keypair – HP XP7 Storage User Manual
Page 15
If you enable SSL, you must make sure that the key pair and associated server certificate do not
expire. If either the key pair or the server certificate expires, users will be unable to connect to the
SVP.
Flow of SSL communication settings
The following shows a flow of required settings for SSL communication. Note that creation of private
and public keys requires a dedicated program. Download one from the OpenSSL website
(http://www.openssl.org/).
Notes on updating the signed certificate to the SVP
Read the following notes about uploading the signed certificate to the SVP:
•
While the SVP server certificate is being updated, tasks that are being executed or scheduled
for execution on Remote Web Console are not executed.
•
Certificates for RMI communication are updated asynchronously (within approximately two
minutes).
•
If an SVP certificate is updated during Command View Advanced Edition Suite setup operation,
the Command View Advanced Edition Suite setup operation will result in an error
•
Update of the SSL certificate gives a great influence to the system and may lead to SVP failure.
Therefore take sufficient care about the content of the certificate and private key to be set.
•
After the certificate update is complete, depending on the environment, the SVP web server
can take 30 to 60 minutes to restart. When it takes that long, an internal server error occurs,
and the update completion dialog box does not display. However, the certificate update is
complete.
Creating a keypair
To enable SSL, you must create a keypair consisting of a public and a private key. The instructions
use Windows Vista as an example.
Setting up SSL encryption
15