Installation Manual
Trusted certificate format
The Base64-encoded X.509 certificate data resembles the following:
-----BEGIN CERTIFICATE-----
. . . several lines of encoded data . . .
-----END CERTIFICATE-----
Extracting the HPE SIM server certificate
You can use the following methods to extract HPE SIM certificates.
• Enter one of the following links in a web browser:
For HPE SIM versions earlier than 7.0:
http://<HPE SIM name or network address>:280/GetCertificate
◦
https://<HPE SIM name or network address>:50000/GetCertificate
◦ For HPE SIM 7.0 or later:
http://<HPE SIM name or network
address>:280/GetCertificate?certtype=sso
https://<HPE SIM name or network
address>:50000/GetCertificate?certtype=sso
All request parameters are case-sensitive. If you capitalize the lowercase certtype
parameter, the parameter will not be read, and HPE SIM will return the default HPE SIM
server certificate instead of a trusted certificate.
• Export the certificate from HPE SIM:
For HPE SIM versions earlier than 7.0:
Select Options→Security→Certificates→Server Certificate.
◦
◦ For HPE SIM 7.0 or later:
Select Options→Security→HPE Systems Insight Manager Server Certificate, and
then click Export.
• Use the HPE SIM CLI tools. For example, using the alias tomcat for the HPE SIM certificate,
enter mxcert -l tomcat.
For more information, see the HPE SIM documentation.
Importing a direct DNS name
Prerequisites
Configure iLO Settings privilege
Importing a direct DNS name
1. Navigate to the Administration→Security→HPE SSO page.
2. Enter the DNS name or network address in the text box above the Import Direct DNS Name
button, and then click the button.
Viewing trusted certificates and records
Navigate to the Administration→Security→HPE SSO page.
The Manage Trusted Certificates and Records table displays the status of the trusted certificates
and records configured to use SSO with the current iLO management processor.
HPE SSO 91