Updating the SVP server certificate
Updating the SVP certificate renders some tasks temporarily unavailable.
■
While the SVP server certificate is being updated, tasks that are being performed or
scheduled to be performed on Device Manager - Storage Navigator are not executed.
■
Certificates for RMI communication are updated asynchronously (within
approximately two minutes).
■
If an SVP certificate is updated during Hitachi Command Suite setup operation, the
setup operation results in an error.
■
Updating the SSL certificate may cause an SVP failure. Therefore exercise care to keep
the certificate and private key consistent.
■
After the certificate update completes, the SVP server can take 30 to 60 minutes to
restart, depending on the environment. A long period of time can cause an internal
server error without displaying the update completion dialog box does. Despite this
behavior, the certificate update completes.
Creating a private key (.key file)
A private key is required to create an SSL keypair.
Procedure
1. Download and install the
openssl.exe
file from the OpenSSL website.
In the following example, the
openssl.exe
file is installed to the
c:\openssl
folder.
2. If the read-only attribute is set, remove this attribute from the
c:\openssl
folder.
3. Open a command prompt.
4. Move the current directory to the folder to which the key file is output, such as
c:\key
.
5. Execute the following command:
c:\key > c:\openssl\bin\openssl genrsa
-out server.key 2048
A file called
server.key
is created in the
c:\key
folder. This file becomes the
private key.
Creating a public key (.csr file)
A public key is required to create an SSL keypair.
Procedure
1. Open a command prompt and issue the following command:
C:\key >
c:\openssl\bin\openssl req -sha256 -new -key server.key –config
c:\openssl\bin\openssl.cfg -out server.csr
Updating the SVP server certificate
Chapter 11: Setting up SSL encryption
Service Processor Technical Reference
200
