Trusted system certificates are certificates that represent managed systems. Enabling the Require trusted certificates option on the Trusted System Certificates page allows HP Systems Insight Manager (HP SIM) to authenticate the remote managed system. For ease of use, this option is disabled, which is the typical scenario, and maintains a high level of security. For maximum security, this option should be enabled, which requires some extra configuration.
If Require trusted certificates is enabled, when HP SIM attempts to make a Secure Sockets Layer (SSL) connection to a managed system, a certificate representing that system must be found in the HP SIM keystore or the SSL connection fails, and the attempted operation fails as well. The certificate representing the system can be the system SSL system certificate, or the Certificate Authority (CA) level certificate that was used to sign the system certificate. For many systems, having a handful of CA level certificates sign all the system certificates can simplify the management and maintenance of the system certificates. However, this option requires the presence of a Public Key Infrastructure (PKI) in your environment or the services of a third-party security company.
Related Procedures
Related Topic
|