DCFM Enterprise User Manual (53-1001775-01, June 2010)

514 DCFM Enterprise User Manual

53-1001775-01

Setting up the local Certificate Authority (CA) on SKM

To create and install a local CA, perform the following steps:

1. Login to the SKM management web console using the admin password.

2. Select the Security tab.

3. Under Certificates & CAs, click Local CAs.

4. Enter information required by the Create Local Certificate Authority section of the window to

create your local CA.

- Enter a Certificate Authority Name and Common Name. These may be the same value.

- Enter your organizational information.

- Enter the Email Address to receive messages for the Security Officer.

- Enter the Key Size. HP recommends using 2048 for maximum security.

- Select Self-signed Root CA.

- Enter the CA Certification Duration and Maximum User Certificate Duration. These values

determine when the certificate must be renewed and should be set in accordance with

your company's security policies. The default value for both is 3650 days or 10 years.

5. Click Create.

The new local CA displays under Local Certificate Authority List (Figure 211).

FIGURE 211 Creating an HP SKM Local CA

5. Under Certificates & CAs, select Trusted CA Lists to display the Trusted Certificate Authority List

Profiles.

6. Click on Default under Profile Name.