- Community Home
- >
- Storage
- >
- Midrange and Enterprise Storage
- >
- HPE 3PAR StoreServ Storage
- >
- Updating the Certificate for the SSMC 2.0
Categories
Company
Local Language
Forums
Discussions
Forums
- Data Protection and Retention
- Entry Storage Systems
- Legacy
- Midrange and Enterprise Storage
- Storage Networking
- HPE Nimble Storage
Discussions
Discussions
Discussions
Forums
Discussions
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
- BladeSystem Infrastructure and Application Solutions
- Appliance Servers
- Alpha Servers
- BackOffice Products
- Internet Products
- HPE 9000 and HPE e3000 Servers
- Networking
- Netservers
- Secure OS Software for Linux
- Server Management (Insight Manager 7)
- Windows Server 2003
- Operating System - Tru64 Unix
- ProLiant Deployment and Provisioning
- Linux-Based Community / Regional
- Microsoft System Center Integration
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Community
Resources
Forums
Blogs
- Subscribe to RSS Feed
- Mark Topic as New
- Mark Topic as Read
- Float this Topic for Current User
- Bookmark
- Subscribe
- Printer Friendly Page
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
05-01-2015 06:53 AM
05-01-2015 06:53 AM
I'd like to update the certificate for the SSMC. I havent been able to find any details about it. Does anyone have a link or some info about that?
Solved! Go to Solution.
- Tags:
- certificate
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
05-06-2015 06:24 AM
05-06-2015 06:24 AM
Re: Updating the Certificate for the SSMC 2.0
I'm currently trying to work my way through this. I think if I can reverse the password for the keystore file I should be able to update it and add my own certs.
If I manage to do this I will post back and write a full 'how to' on my website.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
05-06-2015 09:07 AM
05-06-2015 09:07 AM
SolutionThe process is documented for SSMC 2.1, available from the HP Software Depot. See the HP 3PAR StoreServ Management Console 2.1 Administrator Guide, QL226-97788. The following is from the 2.1 Admin Guide:
Creating a CA certificate
The following procedure uses Java’s keytool to create public and private keys. For information on using keytool see: http://docs.oracle.com/javase/7/docs/technotes/tools/windows/keytool.html 1. Navigate to C:\Program Files\Hewlett-Packard\SSMC\ssmcbase\etc\ and rename keysstore. to keystore.original. 2. Use keytool to create a new public/privage key pair in a a new keystore file:
keytool -genkeypair -keystore keystore. -alias jetty -keyalg RSA 3. Generate a certificate signing request (CSR):
keytool -certreq -keystore keystore. -alias jetty -file certificate.request.txt 4. Send the CSR to your Certificate Authority and save the resulting signed certificate to the folder in which the keystore resides. 5. Add the chain of certificates to the keystore, starting with the root CA certificate, any intermediate CA certificates, and finally the signed certificate returned by the CA:
keytool -import -alias root -keystore keystore -trustcacerts -file CA.cert.txt
keytool -import -alias jetty -keystore keystore -trustcacerts -file certificate.response.cert.txt 6. Update C:\Program Files\Hewlett-Packard\SSMC\etc\jetty-ssl.xml with the passwords used by the new keystore. Passwords can be in plain text or they can be obfuscated using a Java class which is documented at http://wiki.eclipse.org/Jetty/Howto/Secure_Passwords. 7. Restart the HP 3PAR StoreServ Management Console Server service. 8. Import the Certificate Authority’s root certificate into the Trusted Root Certificate Store in the browser and browse to SSMC.
The previous instructions are for SSMC installed on Windows but apply in general to Linux as well. NOTE: You must repeat this process each time you update SSMC.
Note: While I work for HP, all of my comments (whether noted or not), are my own and are not any official representation of the company.
----------
If my post was useful, click on my KUDOS! "White Star" !
Note: While I am an HPE Employee, all of my comments (whether noted or not), are my own and are not any official representation of the company
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
05-06-2015 09:45 AM
05-06-2015 09:45 AM
Re: Updating the Certificate for the SSMC 2.0
Ah beat me to it, I just created a post that does things slightly differently with a GUI app instead of the JAVA cli -
http://www.bytesizedalex.com/hp-3par-storeserv-management-console-ssmcssl-certificate-replacement/
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
05-26-2015 05:35 AM
05-26-2015 05:35 AM
Re: Updating the Certificate for the SSMC 2.0
Thanks guys. I will work to get this into production. I just grabbed a copy of the ssmc 2.1 to upgrade my 2.0.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
04-22-2016 06:03 AM
04-22-2016 06:03 AM
Re: Updating the Certificate for the SSMC 2.0
This is the section where i get lost..
5. Add the chain of certificates to the keystore, starting with the root CA certificate, any intermediate CA certificates, and finally the signed certificate returned by the CA:
keytool -import -alias root -keystore keystore -trustcacerts -file CA.cert.txt
keytool -import -alias jetty -keystore keystore -trustcacerts -file certificate.response.cert.txt
Where is the "CA.cert.txt" this step is refering too? Was i supposed to generate that as well? IF so, i don't see the steps to do that. Or am i just missing something? Totally possible!
thanks!