HP System Management Homepage Installation Guide, May 2005
Chapter9.Initializing the Software
for the First Time
This chapter provides an overview of how to initialize the System Management Homepage.
After the System Management Homepage has been installed and configured for the first time, a
process to create a private key and corresponding self-signed base64 encoded certificate is initiated.
This certificate is a base64-encoded PEM file.
●
In HP-UX, both public and private keys for the System Management Homepage are stored in
the /var/opt/hpsmh/sslshare directory. The files are called file.pem (private key) and
cert.pem (server certificate).
●
In Linux, both public and private keys for the System Management Homepage are stored in the
/opt/hp/sslshare directory. The files are called file.pem and cert.pem.
●
In Windows, public and private keys are stored in the \hp\sslshare directory of the
system drive.
To protect the key, this subdirectory is only accessible to administrators if the file system allows
such security. For private key security reasons, HP highly recommends that Windows installations
of the System Management Homepage be installed on New Technology File System (NTFS).
Important:
For Windows operating systems, the file system must be NTFS for the private key to
have administrator only access through the file.
If you feel that the private key has been compromised, the administrator can delete
the \hp\sslshare\cert.pem file and restart the server. This action causes the
System Management Homepage to generate a new certificate and private key.
Note:
Certificate and private key generation only occur the first time the System
Management Homepage is started or when no certificate and key pair exists.
A certificate from a Certificate Authority (CA), such as Verisign or Entrust, can be
used to replace self-generated certificates. These certificate and key files are shared
with other HP Management software, such as HP Systems Insight Manager.
44