- Community Home
- >
- Servers and Operating Systems
- >
- HPE BladeSystem
- >
- BladeSystem - General
- >
- SSL Certificates and Private Keys
Categories
Company
Local Language
Forums
Discussions
Forums
- Data Protection and Retention
- Entry Storage Systems
- Legacy
- Midrange and Enterprise Storage
- Storage Networking
- HPE Nimble Storage
Discussions
Discussions
Discussions
Forums
Discussions
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
- BladeSystem Infrastructure and Application Solutions
- Appliance Servers
- Alpha Servers
- BackOffice Products
- Internet Products
- HPE 9000 and HPE e3000 Servers
- Networking
- Netservers
- Secure OS Software for Linux
- Server Management (Insight Manager 7)
- Windows Server 2003
- Operating System - Tru64 Unix
- ProLiant Deployment and Provisioning
- Linux-Based Community / Regional
- Microsoft System Center Integration
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Community
Resources
Forums
Blogs
- Subscribe to RSS Feed
- Mark Topic as New
- Mark Topic as Read
- Float this Topic for Current User
- Bookmark
- Subscribe
- Printer Friendly Page
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
08-14-2014 02:10 PM
08-14-2014 02:10 PM
SSL Certificates and Private Keys
Mike had a login question around security:
************
Hi Experts,
I have a customer who has some questions about the Generate Key command in the OA CLI. He would like to know if running the Generate Key command is required as part of replacing a SSL certificate. Also, the customer will be replacing the SSL certificates in the OA with his own CA signed certificates. Will the current 2048-bit-keys that the OA is currently using, would they be replaced by the matching private keys that come with his CA certificates?
***********
Reply from Keshab:
**************
You do not have to generate new SSL and SSH keys to load certificates. Since the customer is trying to load a CA signed key, it appears he is trying to use Two Factor Authentication. In this case, just uploading the CA certificate to the OA will suffice. He has to install the user certificate in the client as well.
Uploading certificates do not replace the OA private keys. Generate key is used to reinitialize the OA private keys during a reset of its network settings or when the administrator feels that new keys should be generated because of the following reasons
- Key strength needs to be increased
- Message digest algo is deprecated e.g. SHA1 may become deprecated and SHA 256 is required
- RSA keys regeneration to increase security
*************
Comments or questions?
- Tags:
- certificate