HP Systems Insight Manager 5.3 Technical Reference Guide
6. Paste the contents of the certificate file into this box, and then click Add Cert. A confirmation window
appears with three links at the top.
7. Click Options, and scroll down to the Trusted Certificates section. The Trusted Certificates: list
appears with the server name and links to View Certificate and Remove Cer tificate for the HP SIM
certificate that was just added.
Requesting the HP SIM certificate
Enter the HP SIM server name in the appropriate field, and then click the corresponding Get Cert button.
The managed system makes an HTTP request directly to the HP SIM server for its certificate.
Note: Because this is a nonsecure request over HTTP, a malicious party could intercept the request and
substitute an untrusted certificate in response to the request. A more secure method for obtaining the HP SIM
certificate is described in “Importing the HP SIM certificate” for more information.
Onboard Administrator configuration
To enable Single Sign On support in Onboard Administrator 1.20 or later, see the Onboard Administrator
documentation.
HP StorageWorks Command View EVA configuration
To enable Single Sign On support in HP StorageWorks Command View EVA 6.0 or later, see the
HP
StorageWorks Command View EVA user guide
.
With HP SIM 5.2 and later, the cv-tools.xml file is automatically installed and configured. An account
in HP SIM based on the default administrator template will have administrator rights in Command View EVA
and an account based on the default user template will have user rights in Command View EVA.
HP SIM configuration
System identification
A system identification task must be run at least once on any managed system for HP SIM to know that the
system supports Single Sign On and Secure Task Execution, or these features do not function.
Certificates for trusted systems
If you have enabled Require on the Trusted System Certificates page (select
Options→Security→Credentials→Trust Relationships), import certificates that represent the managed
systems you want the HP SIM server to trust into the Trusted System Certificates List of HP SIM. For the
managed system certificate, you can use the system certificate, or, if applicable, the certificate the CA, used
to sign the system certificate.
NOTE: If Require is disabled on the Trusted Certificates page, then Trusted System Certificates List is
not used, all certificates are accepted, and you can omit this section.
Before importing system certificates into the HP SIM Trusted System Certificates List, export the certificates
to a file in DER or Base64-encoded format. To obtain the system certificate, you can:
• For Windows systems with which you have access to the file system, copy the certificate from the file
c:\compaq\wbem\cert.pem in Base64-encoded format, to some place accessible by HP SIM or
access it directly if it is already accessible by HP SIM.
• Export the system certificate while browsing to the system. Select File→Properties from the browser
menu. Click Certificates. Click the Details tab, and then click Copy to File. Export the certificate as
a Base64-encoded X.509 file.
To obtain the CA certificate, contact your CA, or see the documentation provided with your certificate server
software. To import managed system certificates into the HP SIM Trusted System Certificates List:
186 Networking and security