HP StorageWorks Command View SDM Installation and User Guide (T1086-96023, February 2005)

Installing Command View SDM 75

Installing

Command View SDM

SSL Support

By default, SSL is enabled in the provider. SMI-S VA uses an SSL server-side

certificate to help clients securely communicate with the SMI-S server. A self-

signed certificate (hpSMIS.cert) is packaged with SMI-S VA.

Following is the location of the certificate on different operating systems:

Windows

C:\Program Files\Hewlett-Packard\SMI-S\cimom

HP-UX and Linux

/opt/SMI-S/cimom

The certificate can be replaced with a different certificate by the administrator.

Be sure to retain the certificate name (hpSMIS.cert). To use the certificate,

copy it to the trust store from the current location.

A trust store is a repository of trusted certificates that are recognized by the

client program. Once the SMI-S certificate is “trusted” by a client program, the

client communicates with the SMI-S server using SSL. SSL helps secure the

client server communication by providing clients with the ability to authenticate

the entity claiming to be the SMI-S server, and also by protecting the integrity

of the transmitted data.

Port Occupation

The CIMOM, by default, is SSL enabled and runs on port 5989. When SSL is

disabled, the CIMOM runs on port 5988. To determine the port number on

which the CIMOM is running, check the cimom.startup file in the CIMOM

directory. If these ports are not available, the CIMOM uses the first available

private port starting from 49152.

Enabling SSL

Enable SSL by setting the EnableSSL property in the cim.properties file

to True. See "SSL Support" on page 75 for location of the

cim.properties

file on different operating systems.

Once EnableSSL is set to True, all client connections use the https

protocol.

If the client is implemented using Java, complete the following procedure to

issue the certificate: