Updating the SVP server certificate
Updating the SVP certicate renders some tasks temporarily unavailable.
■
While the SVP server certicate is being updated, tasks that are being performed or
scheduled to be performed on Device Manager - Storage Navigator are not executed.
■
Certicates for RMI communication are updated asynchronously (within
approximately two minutes).
■
If an SVP certicate is updated during Hitachi Command Suite setup operation, the
setup operation results in an error.
■
Updating the SSL certicate may cause an SVP failure. Therefore exercise care to keep
the certicate and private key consistent.
■
After the certicate update completes, the SVP server can take 30 to 60 minutes to
restart, depending on the environment. A long period of time can cause an internal
server error without displaying the update completion dialog box does. Despite this
behavior, the certicate update completes.
Creating a private key (.key file)
A private key is required to create an SSL keypair.
Procedure
1. Download and install the openssl.exe le from the OpenSSL website.
In the following example, the openssl.exe le is installed to the c:\openssl
folder.
2. If the read-only attribute is set, remove this attribute from the c:\openssl folder.
3. Open a command prompt.
4. Move the current directory to the folder to which the key le is output, such as
c:\key.
5. Execute the following command: c:\key > c:\openssl\bin\openssl genrsa
-out server.key 2048
A le called server.key is created in the c:\key folder. This le becomes the
private key.
Creating a public key (.csr file)
A public key is required to create an SSL keypair.
Procedure
1. Open a command prompt and issue the following command: C:\key >
c:\openssl\bin\openssl req -sha256 -new -key server.key –config
c:\openssl\bin\openssl.cfg -out server.csr
Updating the SVP server certicate
Chapter 11: Setting up SSL encryption
Service Processor Technical Reference 200
To Next Page
Loading...
