Edit Local User Certificate Information Tab; Two-Factor Authentication Screen; Two-Factor Authentication Certificate Information Tab - HP Integrity Superdome 2 16-socket User Manual

Edit Local User Certificate Information tab

When Two-Factor Authentication is enabled, a user must have a user certificate to log on to the
Onboard Administrator. Users with administrator privileges can upload or map a valid certificate
to a selected user.
Upload certificates for use in HP Superdome 2 Onboard Administrator in the following ways:
Paste certificate contents into the text box, and then click the Upload button.
Paste the URL of the certificate into the URL box, and then click the Apply button.
When the certificate is successfully uploaded, the SHA1 fingerprint of the user certificate appears.
If a user already has a certificate mapped to an account, the SHA1 fingerprint of the certificate
appears. Any user with administrator privileges can delete their certificate and upload a new user
certificate.

Two-Factor Authentication screen

Two-Factor Authentication Settings tab
NOTE: Onboard Administrator must be configured in Virtual Connect mode before enabling
Two-Factor Authentication when using Virtual Connect Manager and Two-Factor Authentication.
When Two-Factor Authentication is enabled, only users with a valid user certificate are allowed
to log on to Onboard Administrator. A valid user certificate is signed by a trusted Certificate
Authority and is mapped to the respective user on the Onboard Administrator.
To enable Two-Factor Authentication for user authentication during log on, select Enable Two-Factor
Authentication. When Two-Factor Authentication is enabled, Secure Shell and Telnet access is
disabled by default. Disabling Two-Factor Authentication does not automatically re-enable Secure
Shell and Telnet. You must go to the Network Access screen, and then select Enable Secure Shell
and Enable Telnet.
To enable the Onboard Administrator to verify with the Certifying Authority that the certificate
being used has been added to the certificate revocation list (CRL), select Check for Certificate
Revocation. If the certificate is on the CRL, the log on is denied.
Certificate Owner Field
You can configure the Onboard Administrator to use the user principle name in the SAN by selecting
SAN or to use the certificate subject name by selecting Subject when authenticating directory users
with a directory server.
To save settings, click the Apply button.

Two-Factor Authentication Certificate Information tab

This screen displays all Certificate Authorities trusted by the Onboard Administrator. Any user
certificates uploaded to the Onboard Administrator must be signed by one of these Certificate
Authorities. A maximum of three Certificate Authority certificates can be uploaded to the Onboard
Administrator.
Row
Certificate Version
Issuer Organization
Issuer Organization Unit
Issued By
154 Configuring HP Integrity Superdome 2 compute enclosures and enclosure devices
Description
Version number of current certificate
Name of the organization that issued the certificate
Name of the organizational unit that issued the certificate
The authority that issued the certificate