HP Systems Insight Manager 5.3 Technical Reference Guide
3. Click OK. If you click Cancel, you return to the Server Certificate page without creating a new server
certificate. A warning appears, reminding you about the effects of changing the certificate and private
key. If you click OK in the warning box to continue, a new 1,024-bit key-pair and a new self-signed
certificate are generated. The old key-pair and certificate are not retrievable unless a backup was
created manually before this process. The new certificate and private key take effect the next time HP
SIM is restarted.
4. Reboot the HP SIM server to ensure the new certificate is properly synchronized with the local HP SMH
and any applications or components using the certificate sharing directory. After creating a new server
certificate, reboot the HP SIM server for the HP SIM server certificate to be synchronized with the HTTP
server certificate. Synchronizing the certificates prevents repeated browser security alerts when browsing
to HP Insight Management Agent on the HP SIM server.
Related procedures
• Exporting a server certificate
• Importing a server certificate
• Editing a server certificate
• Synchronizing certificates
Related topics
• Server certificates
• Installing OpenSSH
• Managing SSH keys
Editing a server certificate
Edit a server
certificate
to change fields in an existing certificate. This modification might be required if you
submit a CSR to an external
CA
.
NOTE: On Windows and Linux, this process also affects the local HP System Management Homepage
certificate and private key on HP-UX systems, it affects the WBEM Services certificate and private key.
NOTE: Valid characters for each of these fields include letters a through z (lowercase), A through Z
(uppercase), numbers 0 through 9, and the following special characters: ‘ ( ) + , - . / : ? space _ and ~.
Each field must contain at least one non-white space character.
To edit a server certificate:
1. Select Options→Security→HP Systems Insight Manager Server Certificate, and then click Edit.
The Edit Server Certificate section appears.
2. Edit the following fields as necessary:
Note: The Common Name (CN) field and the key pair cannot be modified, so the trust relationships
with any HP System Management Homepages remain in tact. However, the browser trust must be
re-established by importing the modified certificate and deleting the old certificate from the browser.
a. (Optional) In the Alternative Names field, enter multiple system names separated by a comma.
If a name identical to the CN is specified in the Alternative Names field, it is not duplicated in
the certificate.
Alternative names are case-sensitive. Therefore, if a duplicate case-sensitive name is entered, it is
not duplicated in the certificate. For example, if SYS1, sys1, and SYS1 are entered, SYS1 is only
listed once in the certificate.
The alternative names might appear in a different order from the order you enter them. However,
this does not affect their usage.
b. In the Organization (O) field, enter the name of your organization. This field can contain up to
64 characters.
c. In the Organizational Unit (OU) field, enter the name of your department. This field can contain
up to 64 characters.
d. In the Locality (L) field, enter the name of your city. This field can contain up to 128 characters.
Server certificates 173