HP Systems Insight Manager 7.2 Technical Reference Guide

Procedure 103 Configuring Certificate Revocation Check

1. Select certificates to enable certificate revocation:

• Server Certificates

This option takes effect only if Require Trusted Certificates is enabled. To enable this

option, go to Options→Security→Crendials→Trusted Certificates→Trusted Certificates

• Client Certificates

This option might result in validating every certificate in the certificate chain and may

lead to performance degradation.

2. There are two modes to run Certificate Revocation Check:

• Offline Mode

The CRL files should be placed in SIM’s data\CRL directory. The files should be regularly

updated for SIM to know the servers whose certificate has been revoked.

• Online Mode

HP SIM will download the CRL files from the distribution point provided in the server

certificate and perform the CRL check.

This mode can be used with Offline Mode.

To diable online mode, select Disable online mode

To enable online mode, select The Certificate Authority (CA) is reachable from CMS without

Proxy settings.

3. Click OK to save settings

Security related information

Related procedures

Exporting a server certificate

Editing a server certificate

Creating a server certificate

Synchronizing certificates

Creating a certificate signing request

Submitting a certificate signing request

Importing a CA-signed certificate

Configuring sign-in events

Configuring the system link

Managing server certificates

Replicating trusted certificates

Changing the HP SIM default SSL port

Configuring browser timeout options

Privilege elevation

Configuring Two Factor Authentication