HP (Hewlett-Packard) 2600-PWR Series Switch User Manual


 
7-6
Configuring Secure Socket Layer (SSL)
General Operating Rules and Notes
General Operating Rules and Notes
Once you generate a certificate on the switch you should avoid re-
generating the certificate without a compelling reason. Otherwise,
you will have to re-introduce the switch’s certificate on all manage-
ment stations (clients) you previously set up for SSL access to the
switch. In some situations this can temporarily allow security
breaches.
The switch's own public/private certificate key pair and certificate
are stored in the switch's flash memory and are not affected by
reboots or the erase startup-config command
The public/private certificate key pair is not be confused with the SSH
public/private key pair. The certificate key pair and the SSH key pair
are independent of each other, which means a switch can have two
keys pairs stored in flash
On ProCurve switches that support stacking, when stacking is
enabled, SSL provides security only between an SSL client and the
stack manager. Communications between the stack commander and
stack members is not secure.