HP

HP System Management Homepage

English
  The Settings Page  |  Security  |  Trust Mode   

Trust Mode

»Table of Contents
»Index
»Product Overview
»Getting Started
»Navigating the Software
»The Home Page
»The Settings Page
»Menus
»Credits
»Security
»IP Binding
»IP Restricted Login
»Local Server Certificate
»Local/Anonymous Access
Trust Mode
»Trusted Management Servers
»User Groups
»The Tasks Page
»The Tools Page
»The Logs Page
»Troubleshooting
»Legal Notices
»Printable version
»Glossary
»Using Help
» Configuring Trust Mode
» Related Topics

The Trust Mode link provides options to enable you to select the security required by your system. There are some situations that require a higher level of security than others. Therefore, you are given the following security options:

  • Trust by Certificate. Sets the HP System Management Homepage (HP SMH) to accept configuration changes only from HP Systems Insight Manager (HP SIM) servers with trusted certificates. This mode requires the submitted server to provide authentication by means of certificates. This mode is the strongest method of security since it requires certificate data and verifies the digital signature before allowing access. If you do not want to enable any remote configuration changes, leave [Trust by Certificate] selected, and leave the list of trusted systems empty by avoiding importing any certificates.

    HP strongly recommends using this option as it is more secure.

  • Trust by Name. Sets HP SMH to accept certain configuration changes only from servers with the HP SIM names designated in the [Trust By Name] field. The [Trust By Name] option is easy to configure. For example, you might use the option if you have a secure network with two separate groups of administrators in two separate divisions. It prevents one group from installing software to the wrong system. This option verifies only the HP SIM server name submitted.

    HP strongly recommends using the [Trust by Certificate] option as the other options are less secure.

  • Trust All. Sets HP SMH to accept certain configuration changes from any system. For example, you could use the Trust All option if you have a secure network, and everyone in the network is trusted

    HP strongly recommends using the [Trust by Certificate] option as the other options are less secure.

Configuring Trust Mode

For HP-UX, the imported HP SMH certificates are stored in the /opt/hpsmh/certs directory.

For Linux, the imported HP SMH certificates are stored in the /opt/hp/hpsmh/certs directory.

For Windows, the imported HP SIM certificates are stored in the systemdrive \hp\hpsmh\certs directory.

You must have administrative authority to access this directory.

To trust by certificate:

  1. Select SettingsSystem Management HomepageSecurity.

  2. Click Trust Mode.

  3. Select [Trust by Certificate] to require trusted certificates.

  4. Click Trusted Certificate to access the Trusted Management server certificate.

  5. Click [Save Configuration] to save the current configurations or [Reset Values] to cancel all changes.

To trust by name:

  1. Select SettingsSystem Management HomepageSecurity.

  2. Click Trust Mode.

  3. Select [Trust by Name] to trust by server names.

  4. Enter the server name.

  5. Click [Save Configuration] to save the current configurations or [Reset Values] to cancel all changes.

The server name option must meet the following criteria:

  • Each server name must be less than 64 characters

  • The overall length of the server name list is 1,024 characters

  • Special characters should not be included as part of the server_name: ~ ' ! @ # $ % ^ & * ( ) + = \ " : ' < > ? , |

  • Semicolons are used to separate server_names

To trust all servers:

  1. Select SettingsSystem Management HomepageSecurity.

  2. Click Trust Mode.

  3. Select [Trust All] to trust all servers.

  4. Click [Save Configuration] to save the current configurations or [Reset Values] to cancel all changes.

Related Topics

» Getting Started - Automatically Importing Certificates
» The Settings Page - Security
» Security - IP Binding
» Security - IP Restricted Login
» Security - Local Server Certificate
» Security - Local/Anonymous Access
» Security - Trusted Management Servers
» Security - User Groups