HP 4100GL User Manual

Configuring Secure Socket Layer (SSL)
Configuring the Switch for SSL Operation

The installation of a CA-signed certificate involves interaction with other
entities and consists of three phases. The first phase is the creation of the CA
certificate request, which is then copied off from the switch for submission to
the certificate authority. The second phase is the actual submission process
that involves having the certificate authority verify the certificate request and
then digitally signing the request to generate a certificate response (the usable
server host certificate). The third phase is the download phase consisting of
pasting to the switch web server the certificate response, which is then
validated by the switch and put into use by enabling SSL

To generate a certificate request from the web browser interface:

i.

Proceed to the Security tab then the SSL button

ii. Select the Generate Certificate button
iii. Select 'Create CA Request' from the 'Certificate Type' drop-down

list

iv. If you do not wish to generate…" à "If you wish to re-use the

current certificate key, select 'current' from the drop-down list

v.

Fill in remaining certificate arguments (see “” on page 5-10)

vi. Click on Apply Changes to create the certificate request. A new

web page is presented that consists of two text boxes. The upper
text box is filled in with the certificate request text and the bottom
text box is empty and is to be used for pasting back the certificate
reply from certificate authority They will need to return a none
PEM encoded certificate request reply. You will need to paste that
in the reply box and then

vii. After the certificate request has been processed and a certificate

reply (i.e. installable certificate) has been received, it is pasted
into the lower text box.

viii. Click on the Apply Changes button to install the certificate.

5-16