Filter
Top Products
between the Remote Supervisor Adapter II and an LDAP server. If you are not
familiar with the use of SSL certificates, read the information in “SSL certificate
overview.”
Use the following general tasks list to configure the security for the Remote
Supervisor Adapter II:
1. Configure the Secure Web server:
a. Disable the SSL server. Use the SSL Server Configuration for Web
Server area on the Security page.
b. Generate or import a certificate. Use the SSL Server Certificate
Management area on the Security page. (See “SSL server certificate
management” on page 55.)
c. Enable the SSL server. Use the SSL Server Configuration for Web Server
area on the Security page. (See “Enabling SSL for the secure Web server”
on page 60.)
2. Configure SSL security for LDAP connections:
a. Disable the SSL client. Use the SSL Client Configuration for LDAP Client
area on the Security page.
b. Generate or import a certificate. Use the SSL Client Certificate
Management area on the Security page. (See “SSL client certificate
management” on page 60.)
c. Import one or more trusted certificates. Use the SSL Client Trusted
Certificate Management area on the Security page. (See “SSL client
trusted certificate management” on page 61.)
d. Enable the SSL client. Use the SSL Client Configuration for LDAP Client
area on the Security page. (See “Enabling SSL for the LDAP client” on page
62.)
3.
Restart the Remote Supervisor Adapter II for SSL server configuration changes
to take effect. For more information, see “Restarting ASM” on page 66.
Note: Changes to the SSL client configuration take effect immediately and do
not require a restart of the Remote Supervisor Adapter II.
SSL certificate overview
You can use SSL with either a self-signed certificate or with a certificate that is
signed by a third-party certificate authority. Using a self-signed certificate is the
simplest method for using SSL, but it does create a small security risk. The risk
arises because the SSL client has no way of validating the identity of the SSL
server for the first connection that is attempted between the client and server. It is
possible that a third party could impersonate the server and intercept data that is
flowing between the Remote Supervisor Adapter II and the Web browser. If, at the
time of the initial connection between the browser and the Remote Supervisor
Adapter II, the self-signed certificate is imported into the certificate store of the
browser, all future communications will be secure for that browser (assuming that
the initial connection was not compromised by an attack).
For more complete security, you can use a certificate that is signed by a certificate
authority. To obtain a signed certificate, use the SSL Certificate Management page
to generate a certificate-signing request. You must then send the certificate-signing
request to a certificate authority and make arrangements to procure a certificate.
When the certificate is received, it is then imported into the Remote Supervisor
Adapter II through the Import a Signed Certificate link, and you can enable SSL.
54 Remote Supervisor Adapter II SlimLine and Remote Supervisor Adapter II: User’s Guide