Manage Certificates

Use this task to manage the certificates used on your HMC. It provides the capability of getting information on the certificates used on the console. This task allows you to create a new certificate for the console, change the property values of the certificate, and work with existing and archived certificates or signing certificates.

All remote browser access to the HMC must use Secure Sockets Layer (SSL) encryption. With SSL encryption required for all remote access to the HMC, a certificate is required to provide the keys for this encryption. The HMC provides a self-signed certificate that allows this encryption to occur.

To manage your certificates:

  1. In the navigation area, select the managed system and click the Users and Security icon , and then select Users and Roles.
  2. In the content pane, click Manage Certificates.
  3. Use the menu bar from the Manage Certificates window for the actions you want to take with the certificates:
    • To create a new certificate for the console, click Create, then select New Certificate. Determine whether your certificate will be self-signed or signed by a Certificate Authority (CA), then click OK.
    • To modify the property values of the self-signed certificate, click Selected, then select Modify. Make the appropriate changes, then click OK.
      Note: If you have a certificate signed by a Certificate Authority (CA) that consists of a root certificate, intermediate certificate, and a client or leaf certificate, complete the following steps to upload the certificate to the HMC:
      • Open the CA signed certificate file by using a text-based editor and split the content of the file and save as three separate files. The first file is the client or leaf certificate, the second file is the intermediate certificate, and the third file is the root certificate.
      • Log in to the HMC to import the certificate. First upload the client certificate and click Yes for uploading more files. In the new window, upload the intermediate certificate and the root certificate.
      • Click OK to restart the console.
    • To work with existing and archived certificates or signing certificates, click Advanced. Then you can choose the following options:
      • Delete existing certificates
      • Work with archived certificates
      • Import certificates
      • View issuer certificates
  4. Click Apply for all changes to take effect.

Use the online Help if you need additional information for managing your certificates.