HP Systems Insight Manager 5.3 Installation and Configuration Guide for Windows HP Part Number: 418812-005
f. Select the level of security you want to provide from one of the three trust modes:
• Trust By Certificate
Select Trust By Certificate, and click Next. The Trusted Certificates window appears.
The Trusted Certificates window allows trusted
certificate
files to be added to the
Trusted Certificate List.
i.
ii. Click Add File to browse and select any certificates to be included in the Trusted
Certificate List. The Select File window appears. If an invalid file name is entered in
the file name field, an error message appears, indicating the file does not exist. Click
OK to select another file, or click Open to add the file to the Trusted Certificate List.
The Trusted Certificate List appears. Click Next.
NOTE: If you click Next without adding any certificates to the list, and no certificates
exist from a previous installation, a message appears, indicating that if you do not specify
any trusted certificates, HP SIM cannot access the HP Insight Management Agent on this
system. Click OK if you do not want HP SIM to access the Insight Management Agent
on this system, or click Cancel to close the window and add the trusted certificates to
the list.
NOTE: The Trust By Certificates option enables the HP System Management
Homepage system and the HP SIM system to establish a trust relationship by means of
certificates. This mode is the strongest method of security because it requires certificate
data and verifies the digital signature before enabling access.
or
i. Click Import. The Import Server Certificate window appears.
ii. Enter the name or IP address of the server whose certificate you want to import.
iii. Click Get Cert. The certificate information appears.
iv. Verify the certificate information. If you want to add this certificate to the Trusted
Certificate List, click Accept and the certificate is added to the Trusted Certificate
List, or click Cancel if you do not want to add it to the Trusted Certificate List. The
Trusted Certificate List appears. Click Next.
NOTE: You can add an unlimited number of trusted certificates.
NOTE: To delete a certificate, select the certificate, and click Delete. The selected
certificate is removed.
v. From the IP Binding window, select the IP Binding checkbox if you would like to bind
to IP addresses that match a specific subnet and mask. Click Next.
vi. From the IP Restricted Logins window, select the Enable IP Restricted Logins
checkbox if you would like to include or exclude specific IP addresses or IP address
ranges. Click Next, and the Summary Panel appears.
• Trust By Name
Select Trust By Name. Click Next. The Trusted Server window appears. Enter the
names of the servers you want to trust.
Although the Trust By Name mode is a slightly stronger method of security than the
Trust All mode, it still leaves your system vulnerable to security attacks. The Trust By
i.
Name mode sets up the HP System Management Homepage to only accept certain
requests from servers with the HP SIM names designated in the Trust By Name field.
The Trust By Name option is easy to configure and can prevent non-malicious access.
For example, you might want to use the Trust By Name option if you have a secure
network, but your network has two groups of administrators in two separate divisions.
The Trust By Name option would prevent one group from installing software to the
wrong system. This option does not verify anything other than the HP SIM server name
submitted.
NOTE: The server name cannot contain the following characters:
36 Installing HP SIM on the Central Management Server (CMS) for the first time