Management Processor Card Firmware Upgrade Product Update - HP integrity rx2600 and HP integrity rx5670
Management Processor Card Firmware Upgrade
Using SSL
Chapter 2
15
Using SSL
SSL allows secure connections to MP using a browser. To use SSL, you must have previously generated a
certificate.
The MP uses RSA libraries to implement the SSL protocol. SSL uses the following encryption standards:
• 1024-bit SSL and 128-bit RC4 encryption of web console data.
• RSA keys stored in ANS1 format.
• SSL key is 1024 bits.
• SSL uses an X509 Certificate stored in ANS1 format.
Setting Up SSL
To use SSL, the following actions must be taken:
• Activate SSL
• Generate a certificate
• Reboot MP to start browsing as an HTTPS server
Activate SSL
To activate SSL, complete the following steps:
Step 1. From the web console, enable SSL using the SO command.
Step 2. Generate a certificate by using the CG command.
Generate a Certificate
To generate a certificate, complete the following steps:
Step 1. Type CG at the MP command handler. If you have a certificate, the expiration date should be
shown.
Step 2. The command displays the current certificate parameters. Enter or edit any information desired.
Press
Enter when editing is completed.
Step 3. The firmware generates both a key and certificate. It is not necessary to generate a key
independently. This command takes several minutes to complete.
The CG command instructs you to restart the GSP and the browser.
Step 4. Reset GSD using the R option of the XD command: XD -R
Step 5. Exit all sessions of your browser.
Using the Secure Connection
The browser used for accessing the secure connection must have the following capabilities:
• SSL version 3 enabled
• Support 1024 bit encrypted certificates