Manualshelf

HP StorageWorks Reference Information Storage System V1.5 Administrator Guide (T3559-96044, June 2006)

ManualsBrandsHP ManualsSoftwareHP IAP Backup Option Software E-LTU
31323334353637383940
Installing and generating a certificate on the PCC portal
Follow these steps to generate and install a certificate for the RISS PCC p ortal.
1. Create a certificate signing request (CSR) for the PCC:
a. Log in to the PCC Web interface and go Configuration > SSL Configuration.
b. Complete the CSR generation form.
c. Log out of t
he PCC Web interface.
This gener
ates two files on the PCC:
/opt/keys/pccCert.pm (the certificate request)
/opt/keys/pcckey.pem (the RSA private key)
2. Manually
copy the c ertificate request file to your local machine:
scp root@[external ip address of PCC]:/opt/keys/pccCert.pm
3. Send the certificate request to a certificate authority (CA) such as VeriSign for signing.
Follow th
e instructions provided by your CA.
4. Import the certificate you receive from the CA into the RISS PCC:
a. Store the certificate from the CA on your local machine (for example, as pccCertSigned.pem).
b. Copy the
certificate to the PCC:
scp pccCertSigned.pem root@[external ip address of PCC]:/opt/keys/
pccCertSigned.pem
5. Import t
he certificate into the PCC’s Apache server:
usr/local/bin/ssl_cert_update.pl -pcc -cert /opt/keys/pccCertSigned.pem
-key /opt/keys/pcckey.pem
6. Restar
t the PCC’s Apache ser ver by issuing the following command:
/etc/init.d/httpd restart
Installing and generating a certificate on the HT TP portals
F ollow these steps to install a certificate on the RIS S HTTP portals.
1. Create a c er tificate signing request (CSR) for the HTTP portals:
a. Log in to the PCC Web interface and go Configuration > SSL Configuration.
b. Complete the CSR generation form.
c. Log out of the PCC W eb interface.
ThisgeneratestwofilesonthePCC:
/opt/keys/httpCert.pm (the certificate request)
/opt/keys/httpkey.pem (the RSA private key)
2. Manually copy the certificate request file to your local machine:
scp root@[external ip address of PCC]:/opt/keys/httpCert.pm
3. Send the certificate request to a certificate authority (CA) such as VeriSign for signing.
Follow the instructions provided by your CA.
4. Import the certificate you receive from the CA into the RISS PCC:
a. Store the certificate from the CA on your local machine (for example, as
httpCertSigned.pem).
38
Configuration