HP SIM V5.1 User Guide (356920-009, January 2007)
6. Paste the contents of the certificate file into this box, and click Add Cert underneath the box. A
confirmation window appears with three links at the top.
7. Click Options, and scroll down to the Trusted Certificates section. A list called Trusted Certificates:
appears, with the server name and two links: View Certificate and Remove Certificate, for the HP
SIM Certificate that was just added.
Requesting the HP SIM certificate
Enter the HP SIM server name in the appropriate field, and click the corresponding Get Cert button. The
managed system makes an HTTP request directly to the HP SIM server for its certificate.
Note: Because this is a nonsecure request over HTTP, a malicious party could intercept the request and
substitute a bogus certificate in response to the request. A more secure method for obtaining the HP SIM
Certificate is described in “Importing the HP SIM certificate” for more information.
Configuration at Onboard Administrator
To enable Single Login support in Onboard Administrator 1.20 or later, see the Onboard Administrator
documentation.
Configuration at HP StorageWorks Command View EVA
To enable Single Login support in HP StorageWorks Command View EVA 6.0 or later, see the HP
StorageWorks Command View EVA documentation.
Configuration at HP SIM
System identification
A System Identification Task must be run at least once against any managed system for HP SIM to know that
it supports Single Login and Secure Task Execution, or these features will not work.
Certificates for trusted systems
If you have enabled Require on the Trusted System Certificates page (select
Options→Security→Certificates→Trusted Cer tificate), import certificates that represent the managed
systems you want the HP SIM server to trust into the Trusted System Certificates List of HP SIM. For the
managed device certificate, you can use its certificate, or, if applicable, the certificate the Certificate Authority
(CA) used to sign the system certificate.
NOTE: If Require is disabled on the Trusted Certificates page, the Trusted System Certificates List is not
used, and you may omit this section.
Before importing system certificates into the HP SIM Trusted System Certificates List, export the certificates
to a file in Distinguished Encoding Rules (DER) or Base64 encoded format. For obtaining the system certificate,
you can:
• For systems running Windows for which you have access to the file system, copy the certificate in the
file c:\compaq\wbem\cert.pem in Base64-encoded format, to somewhere accessible by HP SIM
or access it directly, if it is already accessible by HP SIM.
• Export the system certificate while browsing to the system. Select File→Properties from the browser
menu. Click Certificates. Click the Details tab, and then click Copy to File. Export the certificate as
a Base64-encoded X.509 file.
For obtaining the CA certificate, contact your CA, or see documentation provided with your certificate server
software. To import managed system certificates into the HP SIM Trusted System Certificates List:
1. Select Options→Security→Certificates→Trusted Certificates, and then click Import. The Import
Trusted System Certificate section appears.
2. Next to the Cer tificate Filename field, click Browse.
The Choose file dialog box appears.
3. Navigate to the location of the certificate to be imported, and select the file name. Click Open.
The certificate is imported.
Trusted certificates 171