Certificate Services

The following sections provide instructions for installing Certificate Services, verifying directory services, and configuring automatic certificate requests.

Installing Certificate Services

To install Certificate Services, follow these steps:

1.Select Start>Settings>Control Panel.

2.Double-clickAdd/Remove Programs.

3.Click Add/Remove Windows Components to start the Windows Components wizard.

4.Select Certificate Services and click Next.

5.At the warning that the server cannot be renamed, click OK. The Enterprise root CA option is selected because there is no CA registered in the Active Directory.

6.Enter the information appropriate for your site and organization. Accept the default time period of two years in the Valid for field and click Next.

7.Accept the default locations of the certificate database and the database log. Click Next.

8.Browse to the c: I386 folder when prompted for the Windows 2000 Advanced Server CD.

9.Click Finish to close the wizard.

Verifying Directory Services

Because the iLO 2 MP communicates with Active Directory using SSL, you must create a certificate or install Certificate Services. Install an enterprise CA because you are issuing certificates to objects within your organizational domain.

To verify that certificate services is installed, select Start>Programs>Administrative Tools>Certification Authority. If Certificate Services is not installed, an error message appears.

Configuring an Automatic Certificate Request

To request that a certificate be issued to the server:

1.Select Start>Run, and enter mmc.

2.Click Add.

3.Select Group Policy, and click Add to add the snap-in to the MMC.

4.Click Browse, and select the Default Domain Policy object. Click OK.

5.Select Finish>Close>OK.

6.Expand Computer Configuration>Windows Settings>Security Settings>Public Key Policies.

7.Right-clickAutomatic Certificate Requests Settings, and select New>Automatic Certificate Request.

8.When the Automatic Certificate Request Setup wizard starts, click Next.

9.Select the Domain Controller template, and click Next.

10.Select the certificate authority listed. (the same CA defined during the Certificate Services installation). Click Next.

11.Click Finish to close the wizard.

Directory-Enabled Remote Management

This section is for administrators who are familiar with directory services and with the iLO 2 MP product. To familiarize yourself with the product and services, see “Directory Services” (page 147). Be sure you understand the examples and are comfortable with setting up the product.

Certificate Services 173

Page 173
Image 173
HP Integrity iLO 2 MP 5991-6005 manual Directory-Enabled Remote Management, Installing Certificate Services