Manage Certificates

Use this task to manage the certificates used on your HMC. It provides the capability of getting information on the certificates used on the console. This task allows you to create a new certificate for the console, change the property values of the certificate, and work with existing and archived certificates or signing certificates.

All remote browser access to the HMC must use Secure Sockets Layer (SSL) encryption. With SSL encryption required for all remote access to the HMC, a certificate is required to provide the keys for this encryption. The HMC provides a self-signed certificate that allows this encryption to occur.


The self-signed certificates on the HMC use 2048-bit RSA encryption. If you are using Certificate Authority (CA) signed certificates, you must use 2048-bit encryption. You can create a new 2048-bit certificate that is signed by the CA by completing the following steps and selecting signed by a CA.

To manage your certificates, complete the following steps:

  1. Open the Manage Certificates task from the HMC Management work pane.
  2. Use the menu bar from the Manage Certificates window for the actions you want to take with the certificates:
    • To create a new certificate for the console, click Create, then select New Certificate. Determine whether your certificate will be self-signed or signed by a Certificate Authority (CA), then click OK.
    • To modify the property values of the self-signed certificate, click Selected, then select Modify. Make the appropriate changes, then click OK.
    • To work with existing and archived certificates or signing certificates, click Advanced. Then you can choose the following options:
      • Delete existing certificates
      • Work with archived certificates
      • Import certificates
      • View issuer certificates
  3. Click Apply for all changes to take effect.

Use the online Help if you need additional information for managing your certificates.

Last updated: Fri, December 06, 2019