Using the certificate and ca configuration screen, Trusted certificate authority list profiles, 61 import certificate section components – HP Secure Key Manager User Manual

Table 61 Import Certificate section components

Component

Description

Source

Specify the method for importing the certificate to the SKM. If you are uploading the

certificate through the browser, select Upload from browser, then click Browse and

locate the file on the local drive or network. If you are using FTP or SCP to copy the

file to the SKM, select the appropriate option and enter the following information:

•

Host: the source host.

•

Filename: the name of the file on the source host.

•

Username: the username of the account on the source host.

•

Password: the password for the user account on the source host.

NOTE:

FTP will not be available if the device is FIPS-compliant.

Certificate Name

The name of the certificate.

Private Key Password

The password used to access the key.

Import Certificate

Click Import Certificate to import the certificate to SKM.

Using the Certificate and CA Configuration screen

The SKM is capable of functioning as a certificate authority (CA). Local CAs are managed on the

Certificate Authority Configuration page and are used to issue certificates to clients (including

applications and databases) that might be making requests to the KMS Server. You can also use the

Certificate and CA Configuration page to configure the list of Certificate Authorities recognized by the

SKM. This chapter contains the following information:
The Certificate and CA Configuration page enables you to manage a trusted CA list, manage local CAs,

sign certificate requests, create local CAs, and install CAs.
This page contains the following sections:

• Trusted Certificate Authority List Profiles
• Trusted Certificate Authority List
• Local Certificate Authority List
• CA Certificate Properties
• Sign Certificate Request
• Signed Certificates
• Signed Certificate Information
• Create Local CA
• CA Certificate List
• Install CA Certificate

Trusted Certificate Authority List Profiles

The Trusted Certificate Authority List Profiles section allows you to create lists of Trusted CAs that can be

used to verify certificates for your client applications. When the Client Certificate Authentication option

is enabled on the KMS Server, the SKM verifies that the CA that signed the client certificate is in the

list of Trusted CAs for the Trusted CA profile specified on the KMS Server page. The Trusted Certificate

Authority List Profiles section is shown here:

Secure Key Manager

143