HP Systems Insight Manager 7.2 Technical Reference Guide

ManualsBrandsHP ManualsSoftwareHP Systems Insight Manager 5.x Windows Software

251

252

253

254

255

256

257

258

259

260

3. Click Delete. A dialog box appears.

4. To delete the certificates, click Yes, or to cancel the delete process and return to the Trusted

System Certificates page, click Cancel.

Related information

Requiring trusted certificates

Trusted system certificates are certificates that represent managed systems. Enabling the Trusted

System Certificate option enables HP SIM to authenticate the remote managed system. For ease

of use, this option is disabled; this scenario is typical and maintains a high level of security. For

maximum security, this option should be enabled, which requires extra configuration.

If Require is enabled, when HP SIM attempts to make an SSL connection to a managed system, a

certificate representing that system must be found in the HP SIM keystore or the SSL connection

and attempted operation fails. The certificate representing the system can be the system's SSL

system certificate or the CA level certificate that was used to sign the system's certificate. For large

numbers of systems, using having a handful of CA-level certificates to sign all the system certificates

can simplify the management and maintenance of the system certificates. However, this option

requires the presence of a certificate system in your environment, or the services of a third-party

security company.

CAUTION: If you select the Require option, a warning message appears, indicating that certain

features work only for systems whose certificates are represented in the Trusted Certificate List.

The HP SIM Trusted System Certificates List is only used when the Require option is enabled.

IMPORTANT: Changing the Require option can adversely affect the operation of HP SIM. Carefully

read and understand the warning described in this Section.

When using a CA-level certificate, any valid certificate signed by the CA-level certificate is accepted

by HP SIM, whether it is already issued or issued at some point in the future.

Procedure 109 Enabling the require trusted certificates option

1. Select Require. This setting restricts the CMS from accepting any connections other than SSL

connections with managed systems. The managed systems must have a certificate in the

Certificate List. This option does not affect browsing to the CMS.

A warning message appears indicating that certain features work only for systems whose

certificates are represented in the Trusted System Certificates List.

2. To require trusted certificates, click OK . To disable the Require option and return to the Trusted

System Certificates page, click Cancel.

Procedure 110 Disabling the Trusted System Certificates option

1. Select Options→Security→Credentials→Trusted Systems.

The Trusted Certificates page appears.

2. Select another option.

3. Click OK, or to leave the Require option enabled and return to the Trusted System Certificates

page, click Cancel.

Related information

Configuring SSH key security

Configuring the SSH key security level enables you to specify the level of security on the CMS.

Trusted certificates 251