HP 3PAR StoreServ 7200 2-node HP 3PAR Policy Server Installation and Setup Gui - Page 32
C:\Program Files x86\HP3Par\PolicyServer\Tomcat6\aps\conf\server.xml, SSL Certificate
View all HP 3PAR StoreServ 7200 2-node manuals
Add to My Manuals
Save this manual to your list of manuals |
Page 32 highlights
7. Install the new certificate and CA certificate in the Policy Server keystore file: a. Transfer both the new certificate (tomcat.crt) and the OpenSSL CA certificate (cacert.crt) to the Policy Server server. b. Install both certificates in the Policy Server keystore file. • SSL Certificate: C:\Program Files (x86)\HP 3PAR\PolicyServer\jre\bin>keytool -import -trustcacerts -alias tomcat -file c:\hp-3par\tomcat.crt -keystore c:\hp-3par\heystore-ps Enter keystore password: Certificate reply was installed in keystore C:\Program Files (x86)\HP 3PAR\PolicyServer\jre\bin> • CA certificate: C:\Program Files (x86)\HP 3PAR\PolicyServer\jre\bin>keytool -import -trustcacerts -alias root -file c:\hp-3par\cacert.crt -keystore c:\hp-3par\keystore-ps Enter keystore password: Owner: [email protected], CN=Cert Admin, OU=3PAR, O=HP, ST=CA, C=US Issuer: [email protected], CN=Cert Admin, OU=3PAR, O=HP, ST=CA, C=US Serial number: ba5d98b125297b80 Valid from: Wed Oct 31 08:16:30 PDT 2012 until: Sat Oct 31 08:16:30 PDT 2015 Certificate fingerprints: MD5: 77:A6:21:D1:36:FE:BF:95:58:D1:67:33:5E:12:14:07 SHA1: 53:55:B0:D8:D3:A4:6B:35:B3:79:DF:DF:47:44:09:76:86:BF:65:F1 Signature algorithm name: SHA1withRSA Version: 3 Extensions: #1: ObjectId: 2.5.29.14 Criticality=false SubjectKeyIdentifier [ KeyIdentifier [ 0000: E3 8F F8 1E 12 F6 FD 76 6D ED 60 82 DF DC 3D F1 .......vm.`...=. 0010: 67 44 14 D6 gD.. #2: ObjectId: 2.5.29.19 Criticality=false BasicConstraints:[ CA:true PathLen:2147483647 #3: ObjectId: 2.5.29.35 Criticality=false AuthorityKeyIdentifier [ KeyIdentifier [ 0000: E3 8F F8 1E 12 F6 FD 76 6D ED 60 82 DF DC 3D F1 .......vm.`...=. 0010: 67 44 14 D6 gD.. [[email protected], CN=Cert Admin, OU=3PAR, O=HP, ST=CA, C=US] SerialNumber: [ ba5d98b1 25297b80] Trust this certificate? [no]: yes Certificate was added to keystore C:\Program Files (x86)\HP 3PAR\PolicyServer\jre\bin> Now the Policy Server is enabled to support SSL connections over port 8443. The Policy Server is still configured for non-SSL connections over port 443. HP recommends that users disable the Policy Server from allowing connections over port 443. To disable non-SSL connections to the Policy Server, edit the following Policy Server configuration file: C:\Program Files (x86)\HP3Par\PolicyServer\Tomcat6\aps\conf\server.xml 32 Configuring the Policy Sever for SSL by Using an Existing Certificate Infrastructure