IBM Remote Supervisor Adapter II guide

SSL client trusted certificate management

The secure SSL client (LDAP client) uses trusted certificates to positively identify the LDAP server. A trusted certificate can be the certificate of the certificate authority that signed the certificate of the LDAP server, or it can be the actual certificate of the LDAP server. At least one certificate must be imported to the Remote Supervisor Adapter II before the SSL client is enabled. You can import up to three trusted certificates.

To import a trusted certificate, complete the following steps:

1.In the navigation pane, select Security.

2.In the SSL Client Configuration for LDAP Client area, make sure that the SSL client is disabled. If it is not disabled, select Disabled in the SSL Client field and then click Save.

3.Scroll to the SSL Client Trusted Certificate Management area. A page similar to the one in the following illustration is displayed.

4.Click Import next to one of the Trusted CA Certificate 1 fields. A page similar to the one in the following illustration is displayed.

5.Click Browse.

6.Select the certificate file that you want and click Open. The file name (including the full path) is displayed in the box beside the Browse button.

7.To begin the import process, click Import Certificate. A progress indicator is displayed as the file is transferred to storage on the Remote Supervisor Adapter II. Continue displaying this page until the transfer is completed.

The SSL Client Trusted Certificate Management area of the Security page now look similar to the one in the following illustration.

Chapter 3. Configuring the Remote Supervisor Adapter II 61

Image 69

IBM Remote Supervisor Adapter II manual SSL client trusted certificate management

Contents

User’s Guide Page User’s Guide Page Contents Command-line interface Monitoring remote server status Viewing system healthPerforming Remote Supervisor Adapter II tasks Appendix A. Getting help and technical assistance Page Introduction Remote Supervisor Adapter II featuresPage Web browser and operating-system requirements Page Logging in to the Remote Supervisor Adapter Opening and using the Web interfacePage Opening and using the Web interface Link Action Description Remote Supervisor Adapter II action descriptions ASM2 Link Action Description Configuring the Remote Supervisor Adapter Setting system information Setting server timeouts Post watchdog WatchdogLoader watchdog NMI reset delay Power off delay Setting the date and time NTP update frequency NTP auto-synchronization serviceSynchronizing clocks in a network NTP server host name or IP address Disabling the USB device driver interface Creating a login profile Configuring the Remote Supervisor Adapter II Supervisor Configuring the global login settingsRead Only Custom Configuring the Remote Supervisor Adapter II User login password required Configuring remote alert settingsNumber of previous passwords that cannot be used Maximum Password Age Configuring remote alert recipients Page Forwarding alerts Setting remote alert attempts Delay between entries Setting remote alertsDelay between retries Remote alert retry limit Can be sent for any warning alert Alphanumeric Pager code Recovery code Event Action System alerts Setting local events Event Action Configuring the serial connectors Configuring the Remote Supervisor Adapter II Field What you type Field What you type Port function field, select Serial redirect Serial-to-serial redirection Example session Serial-to-Telnet redirection Scroll to the Serial Redirect Settings / CLI Settings area Configuring the command-line interface settingsCLI mode None CLI disabled Enabled CLI authenticationDisabled CLI with user defined keystroke sequences Https Configuring port assignments TCP command mode Configuring network interfacesSnmp Agent Snmp TrapsPage Field Function Configuring PPP access over a serial connection Configuring Snmp Configuring network protocolsPage Configuring Smtp Setting up a client to use the Ldap server Configuring Ldap Domain Source Service Name Root DNGroup Filter Configuring the Ldap client authentication Configuring the Ldap search attributesBinding Method Login Permission Attribute UID Search AttributeGroup Search Attribute Configuring the Remote Supervisor Adapter II Service Location Protocol SLP TCP Command Mode ProtocolCommand mode Command mode timeout Secure Web server and secure Ldap Configuring securityAddress type Multicast address SSL certificate overview Generating a self-signed certificate SSL server certificate management Generating a certificate-signing request Country Required certificate dataState or Province City or Locality Contact Person Challenge PasswordEmail Address Optional certificate data Configuring the Remote Supervisor Adapter II SSL client certificate management Enabling SSL for the secure Web server SSL client trusted certificate management Enabling SSL for the Ldap client Configuring the Secure Shell server Enabling the Secure Shell server Generating a Secure Shell server key Using the Secure Shell server Using the configuration fileBacking up your current configuration Restoring and modifying your ASM configuration Restoring ASM defaults Restarting ASMLogging off Configuring the Remote Supervisor Adapter II Page Viewing system health Monitoring remote server status Hard Shutdown Soft Shutdown Non-critical Non-recoverableCritical Return to normal Soft Shutdown Viewing the event log Informational Machine level VPD Viewing vital product dataComponent level VPD Component Activity Log Diagnostics VPD POST/BIOS VPD Integrated system management processor VPD Page Performing Remote Supervisor Adapter II tasks Server power and restart activity Power-on hours Remotely controlling the power status of a serverPower on server immediately Restart count Remote control Remote console Remote console keyboard support Remote diskClick Save Buttons Page Select File Removable DriveUSB flash drive Serial redirection quick setup Setting up PXE network boot Disable serial redirect Serial pass-thruRedirect to Telnet Click Continue Updating firmware System Health ASM NameASM Interconnect Connection No LAN support Direct LAN ConnectionFunction not supported No LAN connection Accessing the command line Logging in to the command-line sessionCommand syntax Features and limitations Exit command Utility commandsHelp command History command Clearlog command Monitor commandsFans command Readlog command Syshealth command Temps commandVolts command Server power and restart control commands Vpd command Reset command Power commandSerial redirect command Console command Configuration commands Dhcpinfo commandOption Description Option Description Values Ifconfig command LAA Ldap command Name/ipaddr Passwordcfg command Ntp command Portcfg command Srcfg command Slp command Ssl command Tcpcmdmode command Option Timeout Units Values Timeouts command Users command ASM control commands Clearcfg commandClock command Update command Resetsp command Example Page Before you call Using the documentation Software service and support Hardware service and support IBM Taiwan product serviceGetting help and information from the World Wide Web Trademarks Appendix B. Notices Important notes Appendix B. Notices Page Index Ldap Remote Supervisor Adapter Configuring Features Functions Web site Page Part Number 43W7827