Users with full configuration rights can create a new self-signed certificate when they must replace the HP Systems Insight Manager Secure Sockets Layer (SSL) Server Certificate and Private Key under the following situations:
This self-signed certificate is configured to expire 10 years from its date of creation.
Create a new self-signed certificate when you must replace the HP Systems Insight Manager SSL Server Certificate and Private Key. The public key is included in the certificate that goes out to the client. The private key is kept secure in the Keystore Database on the HP Systems Insight Manager server file system. The Public and Private Key pair of the Management HTTP Server (residing on the same system) are overwritten with the new HP Systems Insight Manager Public and Private Key pair.
Valid characters for each of these fields are a through z (lower case), A through Z (upper case), 0 through 9, and the following special characters: ‘, (, ), +, ,, -, ., /, :, ?, space, _, and ~. Each field must contain at least one non-whitespace character.
To create a new certificate:
Select OptionsSecurityCertificatesServer Certificates, and then click
The New Server Certificate section is displayed. The fields are automatically populated with default values. However, you can change the information:
The Common Name (CN) field holds the parameter that the browser uses for name comparison when browsing to the central management server. This field can be updated with other name formats, such as fully-qualified names, and can contain up to 64 characters.
In the Organization (O) field, enter the name of your organization. This field can contain up to 64 characters.
In the Organizational Unit (OU) field, enter the name of your department. This field can contain up to 64 characters.
In the Locality (L) field, enter the name of your city. This field can contain up to 128 characters.
In the State (S) field, enter the name of your state. This field can contain up to 128 characters.
In the Country (C) field, enter the name of your country. This field can contain up to two characters, using the two-letter country codes.
After changes are made, click [OK]. If you click [Cancel], you are returned to the Server Certificate page without creating a new server certificate. A warning is displayed reminding you of the effects of changing the certificate and private key. If you click [OK] in the warning box to continue, a new 1024 bit key-pair and a new self-signed certificate are generated. The old key-pair and certificate are not retrievable unless a backup was created manually before this process.
The new certificate and private key take effect the next time HP Systems Insight Manager is restarted. Reboot the HP Systems Insight Manager server to ensure the new certificate is properly synchronized with the local Management HTTP Server and any applications or components using the certificate sharing directory.
After creating a new server certificate, reboot the HP Systems Insight Manager server for the HP Systems Insight Manager server certificate to be synchronized with the HTTP Server Certificate. Synchronizing the certificates prevents repeated browser security alerts when browsing to HP Insight Management Agents on the HP Systems Insight Manager server.