3. In the folder wher
e the .bat le is located, execute the following command:
C:\MAPP\wk\Supervisor\MappIniSet>MappApacheCrtUpdate.bat
absolute-path-of-signed-public-key-certification-file absolute-
path-of-private-key-file
Note:
A space is r
equired between MappApacheCrtUpdate.bat and the signed
public key certication le path.
A space is required between the signed public key certication le path
and the private key le path.
4. A completion message box displays. Press any key to acknowledge the message and
close the message box.
5. Close the command prompt window.
Notes on updating a signed certificate for the service processor
The following notes provide additional information about updating a signed certicate.
■
While the service pr
ocessor certicate is being updated, tasks that are being run or
scheduled to run on
Device Manager - Storage Navigator are not executed.
■
Certicates for RMI communication are updated asynchronously. The process takes
about two minutes.
■
If the service processor certicate is updated while Hitachi Command Suite is being
set up, the setup operation will fail.
■
Updating the SSL certicate might change the system drastically and may lead to
service processor failure. Therefore take sucient care to consider the content of the
certicate and private key to be set.
■
After the certicate update is complete, depending on the environment, the service
processor can take 30 to 60 minutes to restart.
Returning the certificate to default
You can return the certicate that was updated by the procedure in
Updating a signed
certicate (on page 151) back to default.
Befor
e you begin
■
You must have the Storage Administrator (Initial Conguration) role to perform this
task.
■
You must be logged into the SVP.
■
A private key (.key le) has been created. Make sure that the le name is server.key.
See
Creating a private key (on page 147) .
■
The passphr
ase for the private key (server.key le) is released.
■
A signed public key certicate (.crt le) has been acquired. Make sure that the le
name is server.crt. See
Creating a public key (on page 148) .
■
The private k
ey (.key le) must be in PEM format. You cannot use DER format.
■
The signed public key certicate (.crt le) must be in X509 PEM format. You cannot use
X509 DER format. See
Obtaining a self-signed certicate (on page 149) .
Notes on updating a signed certicate for the service processor
Chapter 5: Setting up security
System Administrator Guide for VSP Gx00 models and VSP Fx00 models 152
To Next Page
Loading...
Need help?
General
