8 Initializing the software for the first time
After you have installed and configured HP SMH for the first time, a process to create a private key and
corresponding self-signed Base64-encoded certificate is initiated. This certificate is a Base64-encoded PEM
file.
Key and certificate information
•
In HP-UX operating systems, both public and private keys for HP SMH are stored in the
/var/opt/hpsmh/sslshare
directory. The files are called
file.pem
(private key) and
cert.pem
(server certificate).
With HP SMH running on Apache 2.2 (HP-UX 11iv3), the Apache Tomcat communication requires
certificate-based authentication through
https
connection on port 1188 (by default). The certificate
/var/opt/hpsmh/sslshare/proxy.pem
, generated during installation, is used for this purpose.
For effective Apache Tomcat communication required to launch the Java plug-ins, do not alter this
certificate on the system.
•
In Linux operating systems, both public and private keys for HP SMH are stored in the
/etc/opt/hp/sslshare
directory. The files are called
file.pem
and
cert.pem
.
•
In Windows operating systems, public and private keys are stored in the
<System
Drive>:\hp\sslshare
directory of the system drive.
To protect the keys, this subdirectory is only accessible to administrators if the file system allows such
security. For private key security reasons, HP recommends that you install Windows installations of HP
SMH on New Technology File System (NTFS).
IMPORTANT:
For Windows operating systems, the file system must use NTFS for the private key to have
administrator only access through the file.
If the private key is compromised, you can delete the
<System Drive>:\hp\sslshare\cert.pem
file
and restart the server. This action causes HP SMH to generate a new certificate and private key.
NOTE:
Certificate and private key generation occurs only the first time HP SMH starts or when no certificate
and key pair exists.
A certificate from a certificate authority (CA), such as Verisign or Entrust, can replace self-generated certificates.
These certificate and key files are shared with other HP Management software, such as HP SIM.
Key and certificate information
59
Содержание Integrity BL860c
Страница 6: ...6 ...
Страница 10: ...10 ...
Страница 12: ...12 ...
Страница 20: ...20 ...
Страница 28: ...28 Installing HP SMH on a Windows operating system ...
Страница 34: ...34 ...
Страница 50: ...50 ...
Страница 52: ...52 ...
Страница 58: ...58 ...
Страница 60: ...60 ...
Страница 64: ...64 ...
Страница 68: ...68 ...