HP MSA 1040 SMU Reference Guide (762784-001, March 2014)
Installing a security certificate 165
Installing a security certificate
The storage system supports use of unique certificates for secure data communications, to authenticate that the
expected storage systems are being managed. Use of authentication certificates applies to the HTTPS protocol, which
is used by the web server in each controller module.
As an alternative to using the CLI to create a security certificate on the storage system, you can use FTP to install a
custom certificate on the system. A certificate consists of a certificate file and an associated key file. The certificate
can be created by using OpenSSL, for example, and is expected to be valid. If you replace the controller module in
which a custom certificate is installed, the partner controller will automatically install the certificate file to the
replacement controller module.
To install a security certificate
1. In SMU, prepare to use FTP:
a. Determine the network-port IP addresses of the system’s controllers; see "Changing network interface settings"
(page 48).
b. Verify that the system’s FTP service is enabled; see "Changing management interface settings" (page 40).
c. Verify that the user you will log in as has permission to use the FTP interface; see "Modifying users"
(page 44).
2. Open a Command Prompt (Windows) or a terminal window (UNIX) and navigate to the directory that contains
the certificate files.
3. Enter:
ftp controller-network-address
For example:
ftp 10.1.0.9
4. Log in as a user that has permission to use the FTP interface.
5. Enter:
put certificate-file-name cert-file
where certificate-file-name is the name of the certificate file for your specific system.
6. Enter:
put key-file-name cert-key-file
where key-file-name is the name of the security key file for your specific system.
7. Restart both Management Controllers to have the new security certificate take effect.