232
IBM
Eserver
p5 590 and 595 System Handbook
Whether the secure system manager server is configured.
Whether the private key for this system manager server is installed.
Whether this system is configured as a Certificate Authority.
Certificate Authority
Define one HMC as a Certificate Authority to generate keys and certificates for
your HMC servers and clients.
A Certificate Authority verifies the identities of the HMC servers to ensure secure
communications between clients and servers. To define a system as a Certificate
Authority, you must be logged in as the hscroot user at the machine being
defined as the internal Certificate Authority. This procedure defines a system as
an internal Certificate Authority for HMC security and creates a public key ring file
for the Certificate Authority that you can distribute to all of the clients that access
the HMC servers.
A wizard guides you through configuring the Certificate Authority. After you
define the internal Certificate Authority, you can use the CA to create the private
key files for the HMCs that you want to manage remotely. Each HMC server must
have its private key and a certificate of its public key signed by a Certificate
Authority that is trusted by the HMC clients. The private key and the server
certificate are stored in the server’s private key file.There is an option to copy the
private key ring files to a diskette so you can install them on your servers.
8.6.1 Server security
This option allows you to install the private key ring file that you have copied to
diskette from the HMC server that is acting as the Certificate Authority.Once you
have copied the private key file there is another option to configure the HMC as a
secure server so that secure, remote clients can be used to remotely manage the
HMC.
There is a remote client available for download from the HMC itself. It is called
the Web-based System Management remote client and there is a Windows
OS-based version and a Linux OS-based version. To run in secure mode a
second file needs to be downloaded to the client. This is also available for
download from the HMC.
To download the Web-based System Management remote client to your
Windows OS-based or Linux OS-based PC, type in the following address from
your Web Browser:
Note: You cannot perform the server security function using a remote client.
Summary of Contents for p5 590
Page 2: ......
Page 16: ...xiv IBM Eserver p5 590 and 595 System Handbook...
Page 38: ...16 IBM Eserver p5 590 and 595 System Handbook...
Page 106: ...84 IBM Eserver p5 590 and 595 System Handbook...
Page 132: ...110 IBM Eserver p5 590 and 595 System Handbook...
Page 160: ...138 IBM Eserver p5 590 and 595 System Handbook...
Page 215: ...Chapter 7 Service processor 193 Figure 7 21 Current boot sequence menu default boot list...
Page 216: ...194 IBM Eserver p5 590 and 595 System Handbook...
Page 264: ...242 IBM Eserver p5 590 and 595 System Handbook Figure 8 40 Detail view of a service event...
Page 280: ...258 IBM Eserver p5 590 and 595 System Handbook...
Page 286: ...264 IBM Eserver p5 590 and 595 System Handbook Figure C 3 Planning information...
Page 298: ...276 IBM Eserver p5 590 and 595 System Handbook...
Page 302: ...280 IBM Eserver p5 590 and 595 System Handbook...
Page 312: ...290 IBM Eserver p5 590 and 595 System Handbook...
Page 313: ...0 5 spine 0 475 0 875 250 459 pages IBM Eserver p5 590 and 595 System Handbook...
Page 314: ......
Page 315: ......