Owner's Manual
You can manage Power Center certificates in Keytool. Common scenarios include:
• Scenario 1 — Generate a key pair and self-signed certificate. During Power Center installation, a key pair and
self-signed certificate are generated for the Power Center server.
NOTE: When you delete an entry from the keystore file, make sure you leave at least one key pair entry in
the keystore file; otherwise, Power Center will not work.
• Scenario 2 – Replace the self-signed certificate with a signed certificate issued by a Certification Authority (CA).
A certificate signed by a CA is more likely to be trusted by the Web browsers. To sign your certificate by a CA,
do the following:
– Generate a Certificate Signing Request (CSR) and submit to the CA.
– Import a certificate for your CA.
– Import the Certificate Reply from the CA.
• Scenario 3 – Import a new Trust Certificate. Some devices (for example, chassis and the exposed management
interface through WS-MAN) or web service providers may provide a certificate for Power Center validation
when establishing communication. If you validate the certificate and Power Center fails to verify it by building a
trust path from the trust certificate in the keystore file, then communication will fail. In this scenario, you may
need to import a new trust certificate to make sure a trust path can be built to verify the certificate.
For more information on how to manage certificates, see Keytool documentation.
98