HP StorageWorks Command View XP Advanced Edition Device Manager Server Installation and Configuration Guide (December 2005)

Command View XP AE Device Manager Server Security 101

Figure 6-25 Entering and Confirming New Truststore Password

6-3 Configuring Common Web Service for SSL

Communication

The Common Web Service supports versions 2 and 3 of SSL, and version 1 of TLS.

This section discusses the following security procedures:

• Generating a Private Key (see section 6-3-1 ).

• Creating a Certificate Signing Request (CSR) (see

6-3-2 ).

• Creating a Self-Signed Certificate (see section 6-3-3 ).

• Enabling SSL (see section

6-3-4-1 ).

• Disabling SSL (see section

6-3-4-2 ).

• Changing a Port Assigned to SSL (see section 6-3-4-3 ).

6-3-1 Generating a Private Key using SSLC

To create a private key, you will use the sslc utility. You can either use the private key as the basis for

a certificate signing request (see

6-3-2 ), or you can use it as a self-signed certificate to test the web

server. The default location of the sslc utility is as follows:

• Windows

: c:\Program Files\CVXPAE\Base\httpsd\sslc\bin

• The sslc utility has the following format: sslc genrsa -out key-file [ 512 | 1024 | 2048 ]

• out key-file specifies the file that will contain the private key.

• [ 512 | 1024 | 2048 ] specifies the bit length of the private key.

For example, to output a 1024-bit private key to the httpsdkey.pem file, the command would be:

• sslc genrsa -out demoCA\httpsdkey.pem 1024.