Manualshelf

HP XP7 DKA Encryption User Guide (TK901-96001)

ManualsBrandsHP ManualsComputer AccessoriesHP XP P9500 Storage DKC Module-1 Controller Upgrade Base Rack
11121314151617181920
Preparing the client certificate workflow
Use the following process to prepare the client certificate, which includes setting the client certificate
expiration date and password:
1. Download and install openssl.exe from http://www.openssl.org/ to the C:\openssl
folder.
2. Create the key file. You can create the following types of key files:
Private key file.
For more information about creating a private key file, see “Creating a private SSL key
file” (page 14).
Public key file.
For more information about creating a public key file, see “Creating a public SSL key
file” (page 14).
3. Convert the client certificate to PKCS#12 format.
For more information about converting the client certificate, see “Converting the client certificate
to the PKCS#12 format” (page 15).
4. Upload the root and client certificates to the SVP.
For more information uploading the root and client certificate, see “Converting the client
certificate to the PKCS#12 format” (page 15).
Private key file creation workflow
(Windows Vista) Prepare private and public SSL key files to use with the EDKA feature.
1. If the read-only attribute is set, release it from the c:\key folder.
2. Create the private key file.
For more information about creating a private key file, see “Creating a private SSL key file
(page 14).
3. Create the public key file.
For more information about creating public key files, see “Creating a public SSL key file
(page 14).
Creating a private SSL key file
Create a private SSL key file to use with the EDKA feature. A private key file has the extension
(.key).
1. Open a command prompt.
2. Move the current directory to the folder where you have saved the key file (for example, c:\
key).
3. From a command prompt, run the following command:
c:\key > c:\openssl\bin\openssl genrsa -out server.key 1024
Creating a public SSL key file
Create a public SSL key file to use with the EDKA feature. A public key file has the extension (.csr).
1. Open a command prompt.
2. Move the current directory to the folder where you have saved the key file (for example, c:\
key).
3. From a command prompt, run the following command:
c:\key > c:\openssl req -sha256 -new -key server.key -config
c:\openssl\bin\openssl.cfg -out server.csr
14 Key Management Server Connections