Enabling Ssl For The Secure Web Server; Ssl Client Certificate Management; Ssl Client Trusted Certificate Management - IBM BladeCenter Management Module User Manual

Enabling SSL for the secure Web server

Note: To enable SSL, you must have a valid SSL certificate installed.
Complete the following steps to enable the secure Web server:
1. In the navigation pane, click MM Control → Security. The page that is displayed
2. Scroll to the SSL Server Configuration for Web Server section and select

SSL client certificate management

The SSL client requires that a valid certificate and corresponding private encryption
key is installed before SSL is enabled. There are two methods available for
generating the private key and required certificate: using a self-signed certificate, or
using a certificate signed by a certificate authority.
The procedure for generating the private encryption key and certificate for the SSL
client is the same as the procedure for the SSL server, except that you use the SSL
Client Certificate Management section of the Security Web page instead of the SSL
Server Certificate Management section. If you want to use a self-signed certificate
for the SSL client, see "Generating a self-signed certificate" on page 45. If you want
to use a certificate authority signed certificate for the SSL client, see "Generating a
certificate signing request" on page 46.

SSL client trusted certificate management

The secure SSL client (LDAP client) uses trusted certificates to positively identify
the LDAP server. A trusted certificate can be the certificate of the certificate
authority that signed the certificate of the LDAP server or it can be the actual
certificate of the LDAP server. At least one certificate must be imported to the
management module before the SSL client is enabled. You can import up to three
trusted certificates.
Complete the following steps to import a trusted certificate:
1. In the navigation pane, select MM Control → Security.
2. In the SSL Client Configuration for LDAP Client section, make sure that the SSL
50
BladeCenter Management Module: User's Guide
looks similar to the one in the following illustration and shows that a valid SSL
server certificate is installed. If the SSL server certificate status does not show
that a valid SSL certificate is installed, go to "SSL server certificate
management" on page 44.
Enabled in the SSL Client field and then click Save. The value selected takes
effect the next time the management module is restarted.
client is disabled. If it is not disabled, select Disabled in the SSL Client field
and then click Save.