Manualshelf

HP System Management Homepage

ManualsBrandsHP ManualsSoftwareHP System Management Homepage Software
31323334353637383940
7. Use a secure method to send PKCS #10 certificate request data to a certificate authority, request the
certificate request reply data in PKCS #7 format, and request that the reply data is in Base64-encoded
format.
If your organization has its own Public Key Infrastructure (PKI) or Certificate Server implemented, send
the PKCS #10 data to the CA manager and request the PKCS #7 reply data.
NOTE: A third-party certificate signer generally charges a fee.
8. When the certificate signer sends the PKCS #7 encoded certificate request reply data to you, copy this
data from the PKCS #7 certificate request reply and paste it into the PKCS #7 information field in the
Import PKCS #7 Data box.
9. Click Import.
A message appears indicating whether the customer-generated certificate was imported.
10. Restart HP SMH.
11. Browse to the managed system that contains the imported certificate.
12. When prompted by the browser, select to view the certificate and verify that signer is listed as the signer
you used, and not HP, before importing the certificate into your browser.
If the certificate signer you choose sends you a certificate file in Base64-encoded form instead of PKCS
#7 data, copy the Base64-encoded certificate file to /opt/hpsmh/sslshare/cert.pem for HP-UX,
/etc/opt/hp/sslshare/cert.pem on Linux x86 and x64, and
systemdrive:\hp\sslshare\cert.pem for Windows; then restart HP SMH.
Related Procedures
Anonymous/Local Access
IP Binding
IP Restricted Login
Alternative Names Certificates
Port 2301
Timeouts
Trust Mode
Trusted Management Servers
Kerberos Authorization Procedure
User Groups
Related Topic
The Settings Page
Alternative Names Certificates
HP SMH allows the setting of multihomed or multiple names to
certificates
that are not generated by HP.
Through this functionality, SMHs certificate can contain additional information for the machine, such as other
names in the network and IPs that are available. In the same way, it is possible to create a request certified
to be signed by a
Certificate Authority (CA)
.
Two kinds of values are acceptable as alternative names:
DNS name (for example, Linux;Linux.localdomain)
IP Address (for example, 10.16.165.1;192.168.1.189)
Only users in the Administrator User Group and System Administrators (
root
on Linux and
Administrator
on
Windows) can edit the Alternative Names fields through the browser.
The
multihomed
configuration is available by completing the following steps:
Changes made here to Alternative Names affect only the current certificate.
36 The Settings Page