Manualshelf

HP WBEM Services for HP-UX and Linux System Administrator's Guide

ManualsBrandsHP ManualsSoftwareHP Insight Management WBEM Providers
61626364656667686970
Security Considerations
HTTPS and HTTP
Chapter 664
HTTPS and HTTP
By default, enableHttpsConnection is set to true, and HP WBEM
Services listens on port 5989. You can set the HTTPS connection to false,
and set the property enableHttpConnection to true to make HP WBEM
Services listen on port 5988.
Use the cimconfig command to reset the property file. To change
properties temporarily, for just one session, start CIM Server with the
cimserver command and use the command-line properties option.
If you set both HTTPS and HTTP to true (enabled), HP WBEM Services
will listen on ports 5988 and 5989.
If you set both to false (disabled) HP WBEM Services will listen only on
the domain socket and accept requests from local clients, i.e. connections
established using the connectLocal method in the CIMClient interface.
By default, HP WBEM Services uses SSL (Secured Socket Layer) for all
communications, with server-side certificates that are trusted by the
management application. This gives both spoof protection and
confidentiality.
NOTE Basic Authentication requires the client to pass both the user name and
password, both in Base64 encoding. This encoding is not secure. SSL
(enableHttpsConnection) should only be disabled in a highly secure
environment, where passing clear text passwords is not an issue.
HP WBEM Services uses OpenSSL to support HTTPS connections.
OpenSSL is a cryptography toolkit that implements the network
protocols and related cryptography standards of SSL v2/v3 and TLS
(Transport Layer Security). For more about OpenSSL, go to
http://www.openssl.org/docs.
On the HTTPS port, CIM clients are required to use SSL (Secure Socket
Layer) to establish connections with the CIM Server and to send or
receive CIM requests.