Manualshelf

HP System Management Homepage

ManualsBrandsHP ManualsSoftwareHP System Management Homepage Software
31323334353637383940
Trusted Management Servers
Kerberos Authorization Procedure
User Groups
Related Topic
The Settings Page
Trust Mode
The Trust Mode link provides options to enable you to select the security required by your system. Some
situations require a higher level of security than others. Therefore, you have the following security options:
Trust by Certificate Sets HP SMH to accept configuration changes only from HP SIM servers with
trusted
certificates
. This mode requires the submitted server to provide authentication by means of
certificates. This mode is the strongest method of security because it requires certificate data and verifies
the digital signature before allowing access. If you do not want to enable remote configuration changes,
leave Trust by Certificate selected, and leave the list of trusted systems empty by not importing certificates.
This is the default behavior on Linux Itanium.
HP strongly recommends using this option because it is more secure.
Trust by Name Sets HP SMH to accept configuration changes only from servers with HP SIM names
designated in the Trust By Name field. For example, you might use this option if you have a secure
network with two groups of administrators in two divisions. It prevents one group from installing software
to the wrong system. This option verifies only the HP SIM server that you designate.
HP strongly recommends using the Trust by Certificate option because the other options are less secure.
Trust All Sets HP SMH to accept specific configuration changes from systems. For example, you could
use the Trust All option if you have a secure network, and everyone in the network is trusted.
HP strongly recommends using the Trust by Certificate option because the other options are less secure.
Configuring Trust Mode
For HP-UX, the imported HP SMH certificates are stored in the /opt/hpsmh/certs directory.
For Linux, the imported HP SMH certificates are stored in the /opt/hp/hpsmh/certs directory.
For Windows, the imported HP SIM certificates are stored in the systemdrive: \hp\hpsmh\certs
directory.
You must have administrative authority to access this directory.
To trust by certificate:
1. Select Settings from the menu.
2. In the System Management Homepage box, click the Security link .
3. Click the Trust Mode link.
4. In the Secure Trust Modes box, click the Trust by Certificate radio button.
Choosing this option sets up the HP SMH to accept Secure Task Executions and Single Sign On requests
that are signed by a HP SIM with a Trusted Certificate.
5. Click Apply.
To trust by name:
1. Select Settings from the menu.
2. In the System Management Homepage box, click the Security link.
3. Click the Trust Mode link.
4. In the Other Trust Modes box, click the Trust by Name radio button.
5. In the Server Certificate Name textbox, enter the Server Certificate Name.
Security 39