HP

HP Systems Insight Manager Technical Reference Guide

English
  Networking and Security  |  Trusted Certificates  |  Requiring Trusted Certificates   

Requiring Trusted Certificates

»Table of Contents
»Index
»Notices
»Introduction
»Product Overview
»Getting Started
»Discovery and Identification
»Users and Authorizations
»Networking and Security
»About Login
»About Secure Task Execution
»Configuring the System Link
»Configuring Login Events
»Configuring Browser Timeout Options
»Server Certificates
»Trusted Certificates
»Importing Trusted Certificates
»Exporting Trusted Certificates
»Deleting Trusted Certificates
Requiring Trusted Certificates
»Setting Up Trust Relationships
»Monitoring Systems, Clusters, and Events
»Storage Integration
»Managing with Tasks
»Tools that Extend Management
»Partner Applications
»Reporting
»Administering Systems and Events
»Troubleshooting
»Reference Information
»Printable version
»Glossary
»Using Help
» Related Procedures
» Related Topic

Trusted system certificates are certificates that represent managed systems. Enabling the Require trusted certificates option on the Trusted System Certificates page allows HP Systems Insight Manager (HP SIM) to authenticate the remote managed system. For ease of use, this option is disabled, which is the typical scenario, and maintains a high level of security. For maximum security, this option should be enabled, which requires some extra configuration.

If Require trusted certificates is enabled, when HP SIM attempts to make a Secure Sockets Layer (SSL) connection to a managed system, a certificate representing that system must be found in the HP SIM keystore or the SSL connection fails, and the attempted operation fails as well. The certificate representing the system can be the system SSL system certificate, or the Certificate Authority (CA) level certificate that was used to sign the system certificate. For many systems, having a handful of CA level certificates sign all the system certificates can simplify the management and maintenance of the system certificates. However, this option requires the presence of a Public Key Infrastructure (PKI) in your environment or the services of a third-party security company.

If you select the Require trusted certificates option, a warning message appears indicating that certain features work only for systems whose certificates are represented in the Trusted System Certificates List.

The HP SIM Trusted System Certificates list is only used when Require trusted certificates is enabled.

Changing the Require trusted certificates option can adversely affect the operation of HP SIM. Carefully read and understand the displayed warning as described below.

When using a CA level certificate, any valid certificate signed by the CA level certificate is accepted by HP SIM, whether it is already issued or issued at some point in the future.

Related Procedures

» Trusted Certificates - Importing Trusted Certificates
» Trusted Certificates - Exporting Trusted Certificates
» Trusted Certificates - Deleting Trusted Certificates

Related Topic

» Networking and Security - Trusted Certificates
» Trusted Certificates - Setting Up Trust Relationships
» Tools that Extend Management - Installing OpenSSH
» Administering Systems and Events - Managing SSH Keys