Web server certificates
As previously described, all remote user access to the HMC uses SSL-encrypted connections. Encrypting the data that flows over the network is important, but encryption alone does not tell a remote user that the console at the other end of the connection really is the HMC. That is the job of the web server certificate: it lets the browser or API client authenticate the HMC before any data is exchanged, and in some cases the certificate configuration is equally important because it also controls some of the parameters of the encryption used on these connections.
When it is first started, the HMC creates a self-signed certificate that can be used to encrypt remote user connections. In many cases the self-signed certificate is sufficient for the customer, and the system administrator needs to do nothing further. If it is not sufficient, the system administrator uses the Certificate Management task to create a certificate that meets the customer's needs. This task provides a full complement of certificate-related functions, from creating a new self-signed certificate to providing all the tools needed to install a certificate signed by one of today's many certificate authorities (CAs).
It is worth noting that if the self-signed certificate that the HMC generates is not replaced, connections are exposed to a "man-in-the-middle" attack. A self-signed certificate is vouched for by nobody but itself, so a remote browser has no trusted third party against which to check it and cannot distinguish the HMC's certificate from one that an attacker generated while intercepting the connection; the user is simply asked to accept it. To create more secure connections, use the Certificate Management task to obtain a certificate that is not self-signed but is instead signed by a certificate authority that the remote browsers and API clients already trust. A certificate from an internal CA protects the connection only if that CA's root certificate is installed on every client that connects to the HMC.
The default validity period of the self-signed certificate is 397 days from creation. A validity period of 397 days or less is required to connect remotely to the HMC from iOS and macOS devices, because Apple platforms reject TLS server certificates that are valid for more than 398 days. Other browser and platform vendors have announced their intention to enforce the same limit, and a certificate validity period of 397 days or less is now considered a security best practice.
Hardware messages and audit logs issue warnings as a certificate approaches expiration. These warnings are issued at 90 days, 30 days, 7 days, and 1 day before expiration, and then daily after the certificate has expired. Treat the 90-day warning as the point at which to request or generate the replacement certificate, since obtaining and installing a CA-signed certificate can take time.
In addition to creating a certificate that improves the security of remote user access, the Certificate Management task can also be used to control which cipher suites are accepted when an SSL-encrypted connection is made to the HMC.
Again, the important point to understand is that all remote user access uses SSL-encrypted communication, and the HMC provides a full complement of capabilities for customizing the certificates and cipher suites used for that encryption. Use the Configure SSL Cipher Suites advanced option of the Certificate Management task to specify which SSL cipher suites are allowed for SSL connections to this console. These cipher suites apply to connections from remote web browsers and from web services API programs that connect to the HMC API HTTP server. When restricting the list, keep only suites that provide forward secrecy and authenticated encryption, and verify that the oldest browser and API client still in use can connect before removing a suite: a client that offers none of the allowed suites cannot connect at all.
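The following Go program is an added example and is not HMC code or IBM documentation; it models the three points made above so that they can be checked on a workstation. It generates a self-signed certificate in place of the one the HMC creates on first start (the hostname hmc.example.com and the 397-day lifetime are assumptions), shows that a client with no trust anchor rejects that certificate while a client that has verified it out of band accepts it, checks the lifetime against the 397-day limit, and enforces a cipher-suite allowlist of the kind configured with the Configure SSL Cipher Suites option (the two suites in the allowlist are the author's choice, not an HMC default). The server and client talk over an in-memory pipe rather than the HMC's HTTP server.

```go
package main

import (
	"crypto/ecdsa"
	"crypto/elliptic"
	"crypto/rand"
	"crypto/tls"
	"crypto/x509"
	"crypto/x509/pkix"
	"fmt"
	"math/big"
	"net"
	"time"
)

// MaxValidity is the HMC default lifetime; Apple platforms reject longer ones.
const MaxValidity = 397 * 24 * time.Hour

// allowedSuites is a hypothetical allowlist of the kind set with "Configure SSL
// Cipher Suites": forward-secret AEAD suites only (ECDSA, matching the key below).
var allowedSuites = []uint16{tls.TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384, tls.TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305}

var legacySuite = []uint16{tls.TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA} // CBC suite an old client may offer; not allowed

func must[T any](v T, err error) T { // panics only if the RNG or the ASN.1 encoder fails
	if err != nil {
		panic(err)
	}
	return v
}

// selfSignedCert builds a certificate signed with its own key, as the HMC does on
// first start. The hostname and lifetime are assumptions supplied by the caller.
func selfSignedCert(host string, lifetime time.Duration) tls.Certificate {
	key := must(ecdsa.GenerateKey(elliptic.P256(), rand.Reader))
	now := time.Now()
	tmpl := &x509.Certificate{
		SerialNumber: big.NewInt(1),
		Subject:      pkix.Name{CommonName: host},
		DNSNames:     []string{host},
		NotBefore:    now,
		NotAfter:     now.Add(lifetime),
	}
	der := must(x509.CreateCertificate(rand.Reader, tmpl, tmpl, &key.PublicKey, key))
	leaf := must(x509.ParseCertificate(der))
	return tls.Certificate{Certificate: [][]byte{der}, PrivateKey: key, Leaf: leaf}
}

// IsSelfSigned reports whether the certificate verifies under its own key: no CA
// vouches for it, so a client cannot tell it from one an attacker generated.
func IsSelfSigned(c *x509.Certificate) bool {
	return c.CheckSignature(c.SignatureAlgorithm, c.RawTBSCertificate, c.Signature) == nil
}

// ValidityOK reports whether the certificate lifetime is within MaxValidity.
func ValidityOK(c *x509.Certificate) bool {
	return c.NotAfter.Sub(c.NotBefore) <= MaxValidity
}

// handshake runs a TLS 1.2 handshake over an in-memory pipe against a server that
// presents cert and accepts only allowedSuites. The client offers clientSuites and
// trusts cert only when trusted is true (as if it had been verified out of band).
func handshake(cert tls.Certificate, trusted bool, clientSuites []uint16) (uint16, error) {
	pool := x509.NewCertPool() // an empty pool trusts nothing; a nil pool would use system roots
	if trusted {
		pool.AddCert(cert.Leaf)
	}
	server := &tls.Config{
		Certificates: []tls.Certificate{cert},
		MaxVersion:   tls.VersionTLS12, // TLS 1.3 suites are not configurable in Go
		CipherSuites: allowedSuites,
	}
	client := &tls.Config{
		RootCAs:      pool,
		ServerName:   cert.Leaf.DNSNames[0],
		MaxVersion:   tls.VersionTLS12,
		CipherSuites: clientSuites,
	}
	c1, c2 := net.Pipe()
	defer c1.Close()
	go func() {
		defer c2.Close()
		_ = tls.Server(c2, server).Handshake() // a server-side failure also surfaces at the client
	}()
	conn := tls.Client(c1, client)
	if err := conn.Handshake(); err != nil {
		return 0, err
	}
	return conn.ConnectionState().CipherSuite, nil
}

func main() {
	cert := selfSignedCert("hmc.example.com", MaxValidity)
	fmt.Println("self-signed:", IsSelfSigned(cert.Leaf), "lifetime ok:", ValidityOK(cert.Leaf))
	_, noTrust := handshake(cert, false, allowedSuites)
	_, weakSuite := handshake(cert, true, legacySuite)
	suite, err := handshake(cert, true, allowedSuites)
	fmt.Println("no trust anchor:", noTrust, "\nCBC suite only:", weakSuite)
	fmt.Println("negotiated:", tls.CipherSuiteName(suite), err)
}
```

The first handshake fails with an unknown-authority error, which is exactly the situation a browser is in when it meets the HMC's unreplaced self-signed certificate; the second fails because the client and the allowlist share no suite, which is the outcome to test for against the oldest client in use before tightening the cipher-suite list; only the third completes. The program checks the lifetime at 397 days, so a 398-day certificate is reported as outside the limit.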