HP Systems Insight Manager 5.2 Update 2 Technical Reference Guide

ManualsBrandsHP ManualsSoftwareHP Systems Insight Manager for Linux

171

172

173

174

175

176

177

178

179

180

The Trusted System Certificate List page includes the following options:

• Always Accept If Always Accept is selected, SSL always accepts the certificate presented by a system

in the SSL connection. This setting is the default and is vulnerable to man-in-the-middle attacks, but it is

the easiest option to use.

• Require If Require is selected, you must set up the trust by manually installing the system’s certificate

into the HP SIM Trusted System Certificate List. This option is the most secure, but it is the most difficult

to implement.

HP SIM provides the following trusted certificate options:

• Import trusted certificate. Select Options→Security→Certificates→Trusted Certificates, and

then click Import.

• Export certificate Select Options→Security→Certificates→Trusted Certificates, and then click

Export.

• Delete trusted certificate Select Options→Security→Certificates→Trusted Certificates, select

the certificates to be deleted, and then click Delete.

Related procedures

• Importing trusted certificates

• Exporting trusted certificates

• Deleting trusted certificates

Related topics

• Requiring trusted certificates

• Administering systems and events

• Server certificates

• Requiring trusted certificates

• Setting up trust relationships

• Replicating trusted certificates

• Possible certificate errors

• Installing OpenSSH

• Managing SSH keys

Importing trusted certificates

If you have selected Require on the Trusted System Certificates page, you must import certificates that

represent the

managed systems

you want to trust to the Trusted Certificates List. You can import the

certificate

of the system itself on a per-system basis. You can also import the signing certificate of the

Certificate Authority

(CA)

or intermediate CA used to sign and issue certificates for groups of systems, which simplifies the

maintenance of this list.

NOTE: Only users with

administrative rights

can import certificates into the HP Systems Insight Manager

(HP SIM) Trusted System Certificates List.

NOTE: HP SIM only supports importing certificates that have public key sizes of 2,048 bits or less.

To import certificates into the Trusted System Certificates List:

1. Select Options→Security→Certificates→Trusted Certificates, and then click Import. The Import

Trusted System Certificate section appears.

2. Next to the Certificate filename field, click Browse.

The Choose file dialog box appears.

3. Navigate to the location of the certificate to be imported, and then select the file name. Click Open.

The certificate is imported.

178 Networking and security