General operating rules and notes – HP 4100GL User Manual

Configuring Secure Socket Layer (SSL)
General Operating Rules and Notes

General Operating Rules and Notes

■

Once you generate a certificate on the switch you should avoid re

-

generating the certificate without a compelling reason. Otherwise,
you will have to re-introduce the switch’s certificate on all manage

-

ment stations (clients) you previously set up for SSL access to the
switch. In some situations this can temporarily allow security
breaches.

■

The switch's own public/private certificate key pair and certificate

are stored in the switch's flash memory and are not affected by
reboots or the erase startup-config command

■

The public/private certificate key pair is not be confused with the SSH

public/private key pair. The certificate key pair and the SSH key pair
are independent of each other, which means a switch can have two
keys pairs stored in flash

■

When stacking is enabled, SSL provides security only between an SSL

client and the stack manager. Communications between the stack
commander and stack members is not secure.

5-6