Manualshelf

Neoview User Management and Security Administration Guide (R2.5)

ManualsBrandsHP ManualsSoftwareHP Neoview Release 2.5 Software
51525354555657585960
example grc101. If the external network name is different from the internal name, use the
internal name.
CSR is the local file to which the certificate signing request will be downloaded on the
workstation where this command was run. This attribute is required.
SUBJECT is required and is a valid certificate subject text string, enclosed in quotation marks.
KEYSIZE is 1024 for 1024-bit encryption and 2048 for 2048-bit encryption. The default value
is 2048.
The command fails and an error is returned if
You are not logged on as ROLE.SECMGR.
You omit the SYSTEM_NAME or are not connected to a Neoview platform having the specified
name.
You omit a required attribute or specify an invalid value for an attribute.
Examples
The following command creates a certificate signing request for a Neoview platform whose
primary segment DNS name is ABC101:
.sec create csr ABC101 ,Subject O=Hewlett-Packard Company,OU=Business
Intelligence,CN=ABC101,Keysize 2048,CSR C:\Certs\CSR\ABC101.cer
INSERT CERTIFICATE Command
This command installs two new certificates on a Neoview platform, one for use by client
connections and one for use by the HPDM event viewer. Only a user who has the ROLE.SECMGR
role may enter this command.
The certificates you deploy in this way could, in theory, be self-signed, but the usual use of this
command is to deploy CA-signed certificates.
Once you have created and installed the new certificates on the Neoview platform, subsequent
requests from clients will be handled as follows:
If a workstation already has the new certificate installed, the request will succeed.
If the workstation has an old certificate and auto-download is enabled, the new certificate
will be downloaded to the workstation.
If the workstation has an old certificate and auto-download is not in effect, the connection
request will fail unless a new certificate has been installed on the workstation in the location
prescribed by the applicable ODBC or JDBC connection attributes, described in “Secure
Login and Role Selection for Neoview Users” (page 145); if a new certificate is present in the
configured location, it is copied to the active certificate location.
Syntax
[.SEC] INSERT CERTIFICATE SYSTEM_NAME, CERT [filename],CACERT [filename]
Parameters
SYSTEM_NAME is required and identifies the Neoview platform on which you wish to install
the certificate. The name consists of the unqualified DNS name of the primary segment, for
example grc0101. If the external network name is different from the internal name, use
the internal name.
CERT specifies the location of the root certificate obtained from the Certificate Authority.
The certificate is uploaded from the specified location to the Neoview platform.
This parameter is required.
CACERT specifies the location of the intermediate certificate corresponding to the root
certificate identified by CERT. This certificate is uploaded from the specified location to the
60 Post-installation Security Setup Tasks