Manualshelf

HP OneView 1.05 User Guide

ManualsBrandsHP ManualsSoftwareHP OneView w/o iLO Adv incl 3yr 24x7 Supp Phys Flex Qty Lic
41424344454647484950
Example 1 Sample audit entries: user login and logout
2013-09-16 14:55:20.706 CST,Authentication,,,administrator,jrWI9ych,,,
SUCCESS,LOGIN,INFO,CREDENTIAL,,Authentication SUCCESS
.
.
.
2013-09-16 14:58:15.201 CST,Authentication,,,MISSING_UID,jrWI9ych,,,
SUCCESS,LOGOUT,INFO,CREDENTIAL,,TERMINATING SESSION
3.8 Choosing a policy for the audit log
Choose a policy for downloading and examining the audit log.
The audit log contains a record of actions performed on the appliance, which you can use for
individual accountability. As the audit log gets larger, older information is deleted. To maintain a
long-term audit history, you must periodically download and save the audit log.
For more information about the audit log, see “Understanding the audit log” (page 48).
3.9 Appliance access over SSL
All access to the appliance is through HTTPS (HTTP over SSL), which encrypts data over the network
and helps to ensure data integrity. For a list of supported cipher suites, see Algorithms for securing
the appliance” (page 54).
3.10 Managing certificates from a browser
3.10.1 Overview
A certificate authenticates the appliance over SSL. The certificate contains a public key, and the
appliance maintains the corresponding private key, which is uniquely tied to the public key.
NOTE: This section discusses certificate management from the perspective of the browser. For
information on how a non-browser client (such as cURL) uses the certificate, see the documentation
for that client.
The certificate also contains the name of the appliance, which the SSL client uses to identify the
appliance.
The certificate has the following boxes:
Common Name (CN)
This name is required. By default it contains the fully qualified host name of the appliance.
Alternative Name
The name is optional, but HP recommends supplying it because it supports multiple names
(including IP addresses) to minimize name-mismatch warnings from the browser.
By default, this name is populated with the fully qualified host name (if DNS is in use), a short
host name, and the appliance IP address.
NOTE: If you enter Alternative Names, one of them must be your entry for the Common
Name.
These names can be changed when you manually create a self-signed certificate or a certificate
signing request.
50 Understanding the security features of the appliance