HP Systems Insight Manager 5.3 Technical Reference Guide

ManualsBrandsHP ManualsSoftwareHP Systems Insight Manager for HP-UX

181

182

183

184

185

186

187

188

189

190

• Networking and security

• Installing OpenSSH

• Managing SSH keys

Deleting trusted certificates

CAUTION: The delete process is irreversible. Use this feature with caution!

To delete certificates from the Trusted System Certificates List:

1. Select Options→Security→Credentials→Trusted Systems.

2. Select the certificates to be deleted.

3. Click Delete. A dialog box appears.

4. To delete the certificates, click Yes, or to cancel the delete process and return to the Trusted System

Certificates page, click Cancel.

Related procedures

• Importing trusted certificates

• Exporting trusted certificates

• Requiring trusted certificates

Related topics

• Trusted certificates

• Server certificates

• Networking and security

• Installing OpenSSH

• Managing SSH keys

Requiring trusted certificates

Trusted system certificates are certificates that represent managed systems. Enabling the Trusted System

Certificate option enables HP SIM to authenticate the remote managed system. For ease of use, this option

is disabled; this scenario is typical and maintains a high level of security. For maximum security, this option

should be enabled, which requires extra configuration.

If Require is enabled, when HP SIM attempts to make an SSL connection to a managed system, a certificate

representing that system must be found in the HP SIM keystore or the SSL connection and attempted operation

fails. The certificate representing the system can be the system's SSL system certificate or the CA level certificate

that was used to sign the system's certificate. For large numbers of systems, using having a handful of CA-level

certificates to sign all the system certificates can simplify the management and maintenance of the system

certificates. However, this option requires the presence of a certificate system in your environment, or the

services of a third-party security company.

CAUTION: If you select the Require option, a warning message appears, indicating that certain features

work only for systems whose certificates are represented in the Trusted Certificate List.

The HP SIM Trusted System Certificates List is only used when the Require option is enabled.

IMPORTANT: Changing the Require option can adversely affect the operation of HP SIM. Carefully read

and understand the warning described in this section.

When using a CA-level certificate, any valid certificate signed by the CA-level certificate is accepted by HP

SIM, whether it is already issued or issued at some point in the future.

To enable the Require option:

Trusted certificates 183