
The function of the certificate authority is to verify the identity of the Remote
Supervisor Adapter II. A certificate contains digital signatures for the certificate
authority and the Remote Supervisor Adapter II. If a well-known certificate authority
issues the certificate or if the certificate of the certificate authority has already been
imported into the Web browser, the browser will be able to validate the certificate
and positively identify the Remote Supervisor Adapter II Web server.
The Remote Supervisor Adapter II requires a certificate for the secure Web server
and one for the secure LDAP client. Also, the secure LDAP client requires one or
more trusted certificates. The trusted certificate is used by the secure LDAP client
to positively identify the LDAP server. The trusted certificate is the certificate of the
certificate authority that signed the certificate of the LDAP server. If the LDAP
server uses self-signed certificates, the trusted certificate can be the certificate of
the LDAP server itself. Additional trusted certificates must be imported if more than
one LDAP server is used in your configuration.
SSL server certificate management
The SSL server requires that a valid certificate and corresponding private encryption
key be installed before SSL is enabled. Two methods are available for generating
the private key and required certificate: using a self-signed certificate and using a
certificate that is signed by a certificate authority. If you want to use a self-signed
certificate for the SSL server, see “Generating a self-signed certificate.” If you want
to use a certificate-authority-signed certificate for the SSL server, see “Generating a
certificate-signing request” on page 56.
Generating a self-signed certificate
To generate a new private encryption key and self-signed certificate, complete the
following steps:
1. In the navigation plane, click Security. A page similar to the one in the following
illustration is displayed.
2. In the SSL Server Configuration for Web Server area, make sure that the SSL
server is disabled. If it is not disabled, select Disabled in the SSL Server field
and then click Save.
a. The Remote Supervisor Adapter II must be restarted before the selected
value (Enabled or Disabled) takes effect.
Chapter 3. Configuring the Remote Supervisor Adapter II 55