Manualshelf

HP SIM V5.1 User Guide (356920-009, January 2007)

ManualsBrandsHP ManualsSoftwareHP Systems Insight Manager 5.x HP-UX Software
141142143144145146147148149150
Certificates
HP SIM allows secure and authorized management from the
Central Management Server
(CMS). Users'
authorizations for managed systems and the CMS can be configured, helping ensure only authorized users
perform state-changing operations. Communication between the CMS, managed systems, and the browser
is secured using SSL and certificates, helping to authenticate systems and protect user credentials and
management data.
A new SSL certificate is created during CMS initialization that is used as a client credential in WBEM requests
instead of the CMS certificate. Select Use certificate instead in the WBEM settings section of the System
Protocol Settings page to authenticate using the WBEM certificate. See “Setting protocols for a system or
groups of systemsfor more information. To configure the WBEM certificate, use the Configure or Repair
Agents. See “Configure or Repair Agentsfor more information.
NOTE: The WBEM client certificate authentication feature is only supported on HP-UX systems which have
WBEM Services 2.5 installed for HP SIM.
Related procedures
Configuring the system link
Configuring login events
Configuring login events
Changing the HP SIM default SSL port
Setting protocols for a system or groups of systems
Configure or Repair Agents
Related topics
Server certificates
Trusted certificates
Possible certificate errors
Users and authorizations
About login
About secure task execution
About login
Single Login
Single Login
allows a link within an HP Systems Insight Manager (HP SIM) page to establish an authenticated
browser session to a
managed system
that supports Single Login without requiring
users
to re-enter their user
names and passwords. However, if you are trying to establish an authenticated browser session with another
instance of HP Systems Insight Manager running on another system, you must re-enter your user name and
password. Single Login links exist wherever there is a link to another system.
NOTE: HP SIM is the initial point of authentication, and browsing to another managed system must be
from within HP SIM.
If you browse to a managed system using any method other than the links within HP SIM, Single Login is
not supported, and you are required to enter the appropriate user name and password for each managed
system. Managed systems must be set up to trust an HP SIM system before accepting a Single Login command.
Trust is set up at the system by importing the HP SIM system certificate into the Trusted Management Servers
List of the system. See “Setting up trust relationshipsfor more information.
150 Networking and security