HPE XP P9000 User manual
HPE XP P9000 Remote Web Console
User Guide
Part Number: P01342-002
Published: April 2019
Edition: 14
Abstract
This guide explains how to set up and use the HPE Remote Web Console to manage XP
P9000 disk arrays over a Local Area Network (LAN) connection. Topics include how to obtain
storage system configuration and status information, send user-requested commands to the
storage system, install and launch XP P9000 program products, and troubleshoot storage
system issues. The intended audience is a storage system administrator or Hewlett Packard
Enterprise technical support with independent knowledge of XP P9000 disk arrays.
© Copyright 2010, 2019 Hewlett Packard Enterprise Development LP
Notices
The information contained herein is subject to change without notice. The only warranties for Hewlett
Packard Enterprise products and services are set forth in the express warranty statements accompanying
such products and services. Nothing herein should be construed as constituting an additional warranty.
Hewlett Packard Enterprise shall not be liable for technical or editorial errors or omissions contained
herein.
Confidential computer software. Valid license from Hewlett Packard Enterprise required for possession,
use, or copying. Consistent with FAR 12.211 and 12.212, Commercial Computer Software, Computer
Software Documentation, and Technical Data for Commercial Items are licensed to the U.S. Government
under vendor's standard commercial license.
Links to third-party websites take you outside the Hewlett Packard Enterprise website. Hewlett Packard
Enterprise has no control over and is not responsible for information outside the Hewlett Packard
Enterprise website.
Acknowledgments
Intel®, Itanium®, Pentium®, Xeon®, Intel Inside®, and the Intel Inside logo are trademarks of Intel
Corporation in the U.S. and other countries.
Microsoft® and Windows® are either registered trademarks or trademarks of Microsoft Corporation in the
United States and/or other countries.
Adobe® and Acrobat® are trademarks of Adobe Systems Incorporated.
Java® and Oracle® are registered trademarks of Oracle and/or its affiliates.
UNIX® is a registered trademark of The Open Group.
Contents
Remote Web Console overview.............................................................9
Manage the storage system..........................................................................................................9
GUI feature highlights................................................................................................................... 9
Emphasis on performance............................................................................................... 10
Wizards and task management........................................................................................10
Reporting..........................................................................................................................10
Help..................................................................................................................................10
Remote Web Console CLI.......................................................................................................... 10
Remote Web Console components............................................................................................ 10
Setting up Remote Web Console.........................................................12
Setup workflow............................................................................................................................12
Cable connection requirements.................................................................................................. 12
Enabling IPv6 communication..........................................................................................12
Configuring IPv6 communication in Windows 7............................................................... 13
Configuring IPv6 communication in Solaris 10.................................................................13
Setting up SSL encryption.......................................................................................................... 13
Flow of SSL communication settings............................................................................... 14
Notes on updating the signed certificate to the SVP........................................................15
Creating a keypair............................................................................................................ 15
Creating a signed and trusted certificate..........................................................................17
Disabling TLSv1.0 and TLSv1.1 communications............................................................19
Enabling TLSv1.0 and TLSv1.1 communications............................................................ 19
Blocking HTTP communication to the storage system.....................................................20
Releasing HTTP communication blocking ...................................................................... 20
Setting up the client computer ................................................................................................... 21
Requirements for client computers.................................................................................. 21
Configuring a Windows 2003/2008 Server.......................................................................25
Setting up TCP/IP for a firewall........................................................................................ 26
Configuring the Web browser...........................................................................................26
Installing the Adobe Flash Player.....................................................................................27
Installing and configuring the JRE....................................................................................27
Changing Java Security Settings..................................................................................... 28
Using the SMI-S function with a Remote Web Console user account........................................ 28
Using the SMI-S function................................................................................................. 28
Uploading a signed certificate to the SMI-S provider....................................................... 29
Returning an SMI-S provider certificate to default........................................................... 30
Uploading an SMI-S provider configuration file................................................................31
Returning an SMI-S provider configuration file to default.................................................32
Installing the report configuration tool......................................................................................... 33
Prerequisites.................................................................................................................... 33
Installation procedure.......................................................................................................33
Using the report configuration tool ............................................................................................. 34
Enabling the compatibility view setting in Internet Explorer 11................................................... 34
Getting started using Remote Web Console...................................... 35
Logging in to Remote Web Console........................................................................................... 35
Initial super-user login...................................................................................................... 35
3
Normal login..................................................................................................................... 35
Changing your password................................................................................................. 36
Adding your SVP to the trusted sites zone—for Windows server.................................... 36
Remote Web Console restrictions...............................................................................................37
General restrictions.......................................................................................................... 37
Web browser restrictions while using Remote Web Console...........................................38
Unsupported actions in Windows version of Remote Web Console................................ 39
Unsupported actions in UNIX version of Remote Web Console...................................... 39
Applying changes made in Remote Web Console...........................................................39
Refreshing data after a Auto LUN or Quick Restore operation........................................ 40
Refreshing data after operations performed with another application..............................40
Refreshing your user view.......................................................................................................... 40
Setting your view back to default................................................................................................ 40
For more information about Remote Web Console.....................................................................41
Setting up and managing user accounts............................................42
Workflow for creating and managing user accounts................................................................... 42
Using an authentication server and authorization server............................................................42
Authentication server protocols........................................................................................43
Authorization server requirements................................................................................... 44
Connecting two authentication servers............................................................................ 44
Connecting authentication and authorization servers...................................................... 45
Naming a user group in Remote Web Console................................................................45
User Groups................................................................................................................................46
Roles................................................................................................................................ 47
Built-in groups, roles, and resource groups..................................................................... 51
Creating a new user group...............................................................................................52
Managing user accounts.............................................................................................................53
Creating user accounts.................................................................................................... 53
Changing user passwords................................................................................................55
Changing user permissions..............................................................................................56
Disabling user accounts................................................................................................... 57
Deleting user accounts.....................................................................................................57
Managing certificates for Hewlett Packard Enterprise Systems Insight Manager.......................58
Required role for single sign-on....................................................................................... 58
Importing a tool definition file into Hewlett Packard Enterprise Systems Insight
Manager........................................................................................................................... 58
Registering the certificates for single sign-on.................................................................. 59
Deleting the certificates for single sign-on....................................................................... 60
Removing a tool definition file from Hewlett Packard Enterprise Systems Insight
Manager........................................................................................................................... 61
Changing the user group configuration.......................................................................................61
Changing a user group name...........................................................................................61
Changing user group permissions................................................................................... 62
Changing resource groups assigned to a user group...................................................... 63
Deleting a user group.......................................................................................................63
Account lock policy..................................................................................................................... 63
Session timeout.......................................................................................................................... 64
Configuring the Remote Web Console environment.........................65
Configuration overview............................................................................................................... 65
Creating a login message........................................................................................................... 65
Setting e-mail notification for SIMs or SNMP traps.....................................................................66
Configuring e-mail notification..........................................................................................67
4
Sending a test e-mail....................................................................................................... 68
Setting time periods.................................................................................................................... 69
Backing up and restoring Remote Web Console configuration files........................................... 71
Prerequisites for backing up and restoring Remote Web Console configuration files......71
Backing up Remote Web Console configuration files...................................................... 72
Restoring Remote Web Console configuration files.........................................................73
Setting and configuring syslog notification for SIMs................................................................... 74
Sending a test syslog..................................................................................................................74
License keys..........................................................................................75
License keys overview................................................................................................................ 75
License key types....................................................................................................................... 75
Using the permanent key............................................................................................................ 76
Using the term key...................................................................................................................... 76
Using the temporary key............................................................................................................. 76
Using the emergency key........................................................................................................... 77
Using the meter key.................................................................................................................... 77
Grace Period status with meter key ........................................................................................... 79
Estimating licensed capacity.......................................................................................................79
Software and licensed capacity........................................................................................79
Calculating licensed capacity for a normal volume.......................................................... 82
Calculating licensed capacity for an external volume...................................................... 83
Calculating pool capacity ................................................................................................ 83
Installing and removing software................................................................................................ 83
Installing software using a license key code.................................................................... 84
Installing software using a license key file....................................................................... 84
When the status is Installed (Disabled)............................................................................84
Enabling or disabling a license.........................................................................................85
Removing software...........................................................................................................85
Insufficient license capacity.........................................................................................................86
Exceeded capacity........................................................................................................... 86
License key expiration................................................................................................................ 86
Expired temporary key..................................................................................................... 87
Expired term key.............................................................................................................. 87
Expired meter key............................................................................................................ 87
Viewing and managing the storage system....................................... 88
Viewing and managing overview.................................................................................................88
Viewing storage system information........................................................................................... 88
Viewing basic information.................................................................................................88
Viewing specific information.............................................................................................89
Viewing other system information.................................................................................... 89
Viewing port locations...................................................................................................... 90
Status icons for certain resources....................................................................................90
Viewing Remote Web Console data using external applications ............................................... 91
Using reports to verify system changes...................................................................................... 91
Viewing a Remote Web Console report...................................................................................... 92
Creating a configuration report.........................................................................................92
Deleting a configuration report......................................................................................... 93
Managing tasks...........................................................................................................................93
Tasks window................................................................................................................... 94
Managing your tasks........................................................................................................ 94
Stalled tasks.....................................................................................................................94
Setting the status refresh interval of the Tasks window................................................... 95
5
Troubleshooting.................................................................................. 103
General troubleshooting............................................................................................................103
Checking alerts......................................................................................................................... 104
Login errors...............................................................................................................................105
Java application errors..............................................................................................................105
No-response errors................................................................................................................... 109
Incorrect display errors..............................................................................................................113
UNIX operation errors............................................................................................................... 115
Other errors...............................................................................................................................116
Clearing Java and Web browser caches...................................................................................118
Firefox Web browser problems on UNIX...................................................................................118
Downloading dump files using the FD Dump tool..................................................................... 118
Saving Java log and trace files..................................................................................................119
Storage configuration reports........................................................... 121
Reports in table view ................................................................................................................121
Disk Adapters report.......................................................................................................121
Host Groups report.........................................................................................................122
Hosts report....................................................................................................................123
Logical Device Expansions report..................................................................................124
Logical Devices report....................................................................................................124
LUNs report....................................................................................................................126
MP Blades report............................................................................................................127
MP Blade Details report................................................................................................. 127
Parity Groups report.......................................................................................................128
Ports report.....................................................................................................................129
Spare Drives report........................................................................................................ 130
SSD Endurance report................................................................................................... 131
Storage System Summary report...................................................................................131
Reports in graphical view .........................................................................................................133
Cache Memories report..................................................................................................133
Channel Adapters report................................................................................................ 134
Physical View report.......................................................................................................135
Report Configuration Tool command reference (raidinf
commands) ......................................................................................... 138
raidinf command list and command description .......................................................................138
raidinf command syntax............................................................................................................ 138
raidinf add report.......................................................................................................................140
raidinf delete report................................................................................................................... 141
raidinf download report............................................................................................................. 142
raidinf get reportinfo.................................................................................................................. 143
SMI-S provider configuration file.......................................................145
User-defined.properties file.......................................................................................................145
File description format....................................................................................................145
File organization format..................................................................................................145
Parameters defined in user configuration files............................................................... 145
Remote Web Console GUI reference (main window) ......................149
6
Remote Web Console main window......................................................................................... 149
Using the main window and wizard................................................................................152
Main window controls.....................................................................................................153
Reset View Settings....................................................................................................... 156
Column Settings window...........................................................................................................157
Storage Systems window..........................................................................................................158
Edit Storage System window.................................................................................................... 162
Confirm window (Edit Storage System) ................................................................................... 163
Edit Information Display Settings window................................................................................. 164
Resource Lock Properties window............................................................................................165
Tasks window............................................................................................................................166
Task Properties window............................................................................................................ 169
Suspend Tasks window.............................................................................................................170
Resume Tasks window............................................................................................................. 171
Delete Tasks window................................................................................................................ 172
Disable Auto Delete window..................................................................................................... 173
Enable Auto Delete window...................................................................................................... 174
Reports window........................................................................................................................ 175
Create Configuration Report window........................................................................................ 176
Delete Reports window............................................................................................................. 177
User Groups window.................................................................................................................178
Window when User Group is selected...................................................................................... 180
Create User window..................................................................................................................183
Confirm window (Create User) .................................................................................................184
Change Password window........................................................................................................185
Confirm window (Change Password) .......................................................................................186
Edit User window...................................................................................................................... 186
Confirm window (Edit User) ..................................................................................................... 187
Add Users window.................................................................................................................... 188
Confirm window (Add Users) ................................................................................................... 191
Remove Users window............................................................................................................. 192
Delete Users window................................................................................................................ 193
Create User Group wizard........................................................................................................ 193
Create User Group window............................................................................................193
Confirm window (Create User Group)............................................................................195
Edit User Group wizard.............................................................................................................197
Edit User Group window................................................................................................ 197
Confirm window (Edit User Group) ................................................................................198
Delete User Groups window..................................................................................................... 199
Edit Resource Group Assignment wizard................................................................................. 199
Edit Resource Group Assignment window.....................................................................200
Confirm window for Edit Resource Group Assignment.................................................. 203
Edit Role Assignment wizard.................................................................................................... 203
Edit Role Assignment window........................................................................................204
Confirm window for Edit Role Assignment..................................................................... 207
Alerts window............................................................................................................................208
Alert Properties window............................................................................................................ 210
Setup Server wizard..................................................................................................................211
Select Authentication Server window.............................................................................212
Disable authentication server setup window ................................................................. 214
LDAP Properties window.......................................................................................................... 215
RADIUS Properties................................................................................................................... 217
Kerberos Properties.................................................................................................................. 220
Setup Server for LDAP............................................................................................................. 222
Setup Server for LDAP window......................................................................................223
Confirm window for LDAP Setup Server........................................................................ 227
Setup Server for RADIUS ........................................................................................................ 229
7
Setup Server RADIUS window.......................................................................................230
Confirm window for RADIUS Setup Server ...................................................................235
Setup Server for Kerberos........................................................................................................ 238
Setup Server Kerberos window......................................................................................239
Confirm window for Kerberos Setup Server ..................................................................243
Edit SIM Syslog Server Settings wizard....................................................................................246
Edit SIM Syslog Server Settings window....................................................................... 246
Confirm window (Edit SIM Syslog Server Settings) ...................................................... 248
Remote Web Console GUI reference (secondary windows) .......... 250
Remote Web Console secondary window................................................................................ 250
Opening Remote Web Console secondary windows..................................................... 252
Remote Web Console secondary windows and Modify mode....................................... 253
About window............................................................................................................................254
License Key window................................................................................................................. 255
License Key list.............................................................................................................. 257
Status and icons.............................................................................................................258
Alerts window............................................................................................................................260
Login Message window.............................................................................................................262
E-mail Information window........................................................................................................263
Report Display dialog box......................................................................................................... 264
Common elements......................................................................................................... 265
Port dialog box............................................................................................................... 266
LUN dialog box...............................................................................................................269
LDEV dialog box............................................................................................................ 270
LDEV Status dialog box................................................................................................. 273
Tool Panel GUI Reference.................................................................. 276
Control Panel............................................................................................................................ 276
Environment Parameter window.................................................................................... 276
Download File window................................................................................................... 277
Restore File window.......................................................................................................277
Download Dump Files window....................................................................................... 278
Update Certificate Files window.....................................................................................279
Update Certificate Files for SMI-S window.....................................................................280
Upload Configuration Files for SMI-S window................................................................281
Websites.............................................................................................. 283
Support and other resources.............................................................284
Accessing Hewlett Packard Enterprise Support....................................................................... 284
Accessing updates....................................................................................................................284
Customer self repair..................................................................................................................285
Remote support........................................................................................................................ 285
Warranty information.................................................................................................................285
Regulatory information..............................................................................................................286
Documentation feedback.......................................................................................................... 286
8
Remote Web Console overview
Hewlett Packard Enterprise Remote Web Console provides a unified GUI for managing and optimizing
the XP P9500 storage system. You can access the system in Remote Web Console from any computer
with a Web browser. Besides the GUI, Remote Web Console provides a CLI to allow scheduling of
storage system events.
Remote Web Console can be set up in either Windows or UNIX environments.
Manage the storage system
With Remote Web Console, you can perform the following tasks:
• Provision storage.
• Set up data replication for restoring lost data.
• View and manage the configuration of the storage system.
• Monitor and tune performance.
• Acquire logs for actions and commands performed on the storage system.
GUI feature highlights
Remote Web Console allows you to set up and manage more than one storage system with a use-case in
mind. Whether creating LDEVs or pools, adding host groups or LUN paths, enabling performance
monitoring, or creating pairs for replication—these and all storage system tasks are made simpler
because the GUI seamlessly crosses the underlying XP P9500 software functionality. The use of wizards
for major use-case tasks makes it possible to complete the set of tasks in one procedural flow, with a
minimum of steps and a minimum of clicks.
The following illustration shows an example of the GUI main window.
Figure 1: Remote Web Console GUI
Remote Web Console overview 9
Emphasis on performance
Operations you perform are executed in the background. This means you can start the next operation
without waiting for the previous one to complete.
Wizards and task management
Wizards are provided for each main task. The wizard guides you through all the subtasks that you
ordinarily perform one at a time. For example, the Create V-VOLs wizard guides you through a series of
screens in which you create the LDEVs for the V-VOLs and add LUN paths by selecting LDEVs, selecting
host groups, and mapping LUNs.
Remote Web Console also provides a window checking on the tasks you have committed to the system.
The Tasks window provides detailed information about each task and shows the priority and status of
each task you are tracking.
Reporting
Remote Web Console provides views of various aspects of your storage system. In addition to these
views, you can generate a report for specific areas of the system. Reports can be generated for a
summary of the system data, ports, Channel Adapters, and disk adapters. A total of 20 configuration
reports can be generated. Reports are formatted in either CSV or HTML. Use these reports to determine
if the storage system configurations have changed properly.
The Report Configuration Tool allows you to create a configuration report by using a command prompt.
You can automate the creation or deletion of configuration reports by writing .bat script files. Use the
Windows Task Scheduler to execute the script files at regular intervals.
Help
Remote Web Console online help provides procedural information for setting up and managing the
storage system. Links to the major storage system tasks, search functions, and glossary are included.
Remote Web Console CLI
The Remote Web Console CLI allows you to perform commands on the storage system using the
command prompt. To use the CLI, you need to install certain files on the Remote Web Console computer.
The CLI can be used to perform only specific operations for specific software. For details on the Remote
Web Console CLI, see the XP P9000 Spreadsheet Guide .
Remote Web Console components
The following figure shows an example of the Remote Web Console computer and SVP configuration.
10 Remote Web Console overview
Figure 2: Remote Web Console and SVP configuration
Remote Web Console overview 11
Setting up Remote Web Console
This topic provides Remote Web Console requirements and set up procedures.
Setup workflow
The following workflow describes the set up tasks for Remote Web Console:
• The Hewlett Packard Enterprise representative attaches the SVP in your storage system to the LAN.
Remote Web Console is already set up on the SVP and is therefore ready for access by client
computers.
• Ensure the correct LAN cabling and connections are in place. See Cable connection requirements
on page 12.
• Set up network connections. See Enabling IPv6 communication on page 12, as needed. Also, you
can set up additional communications security for remote operations with Secure Sockets Layer
(SSL). See Setting up SSL encryption on page 13
• Set up the Remote Web Console computer(s). See Setting up the client computer on page 21.
• Set up user accounts. See Setting up and managing user accounts on page 42.
• Configure Remote Web Console environment. See Configuring the Remote Web Console
environment on page 65.
• Install license keys for any software applications that are installed on the system. See License keys
on page 75.
Requirements for the various elements are included in the following topics.
Cable connection requirements
Ensure that the following LAN cable and connection requirements are met:
• Thinnet coaxial cable. For twisted-pair connections, contact Hewlett Packard Enterprise Technical
Support for assistance.
• The total length of the LAN cables must not be greater than 185 meters (607 feet).
Enabling IPv6 communication
If Internet Protocol Version 6 (IPv6) addresses are used in the storage system LAN, you may need to
enable IPv6 communication on the SVP. For Windows 7 and Solaris 10, you can enable IPv4 (standard)
communication, IPv6 communication, or both. You determine which protocol to use based on the IP
addresses that are used within the LAN. Use the same communication options for or both the Remote
Web Console computer and the SVP.
If you use IPv6 to display the Remote Web Console main window when both IPv4 and IPv6 are available,
IPv6 addresses are displayed in the Remote Web Console secondary window but actually IPv4
communication is used.
For information on how to configure IP communication from an SVP, contact the Hewlett Packard
Enterprise technical support. The following topics give brief instructions on configuring IPv6
communication in Windows 7 and Solaris 10 environments.
12 Setting up Remote Web Console
Configuring IPv6 communication in Windows 7
To configure a Remote Web Console computer to use IPv6 for communication with an SVP:
Procedure
1. Select Control Panel > Network and Sharing Center > Manage network connections.
2. Select and right-click the network where the SVP resides, and then, click Properties in the pop-up
menu. Click Continue if the User Account Control dialog box appears. Otherwise, the Networking
dialog box appears.
3. Select the Internet Protocol Version 6 (TCP/IPv6) check box. Optionally, clear the Internet Protocol
Version 4 (TCP/IPv4) check box.
4. Click OK to close the dialog box.
Configuring IPv6 communication in Solaris 10
To configure a Remote Web Console computer to use IPv6 for communication with an SVP:
Procedure
1. Start the console.
2. Execute the following command:
ipconfig network-interface-name inet down
Setting up SSL encryption
To improve security of remote operations from a Remote Web Console SVP to a storage system, you can
set up Secure Sockets Layer (SSL) encrypted communication. By setting SSL encryption, the Remote
Web Console User ID and Password are encrypted.
NOTE:
• To add the Secure attribute to Cookie using Remote Web Console, you must block HTTP
communication. For details, see Blocking HTTP communication to the storage system.
• Remote Web Console supports HTTP Strict Transport Security (HSTS).
Strict-Transport-Security: max-age=31536000
To enable HSTS, you must use the security certificate issued by a trusted root certificate authority for your
Remote Web Console domain. HSTS is valid for one year (31536000 seconds), and it is renewed
automatically every time the HSTS header is sent to the browser. The security certificate to use is
determined by the browser. For details, contact your browser vendor.
Note the following SSL terms:
•Secure Sockets Layer: SSL is a protocol first developed by Netscape to securely transmit data over
the Internet. Two SSL-enabled peers use their private and public keys to establish a secure
communication session, with each peer encrypting transmitted data with a randomly generated and
agreed-upon symmetric key.
•Keypair: A keypair is two mathematically-related cryptographic keys consisting of a private key and its
associated public key.
Setting up Remote Web Console 13
•Server Certificate: A Server Certificate (also called a Digital Certificate) forms an association between
an identity (in this case the SVP server) and a specific keypair. A Server Certificate is used to identify
the SVP server to a client so that the server and client can communicate using SSL. Server
Certificates come in two basic types:
•Self-signed: You generate your owned self-signed certificate and the subject of the certificate is the
same as the issuer of the certificate. If the Remote Web Console computers and the SVP are on an
internal LAN behind a firewall, you may find that this option provides sufficient security.
•Signed and Trusted: For a Signed and Trusted Server Certificate, a Certificate Signing Request
(CSR) is sent to and certified by a trusted Certificate Authority (CA) such as VeriSign (http://
www.verisign.com/)
If you enable SSL, you must make sure that the key pair and associated server certificate do not expire. If
either the key pair or the server certificate expires, users will be unable to connect to the SVP. Server
certificates require the use of a host name instead of an IP address.
Flow of SSL communication settings
The following shows a flow of required settings for SSL communication. Note that creation of private and
public keys requires a dedicated program. Download one from the OpenSSL Website (http://
www.openssl.org/).
14 Setting up Remote Web Console
Notes on updating the signed certificate to the SVP
Read the following notes about uploading the signed certificate to the SVP:
• While the SVP certificate is being updated, tasks that are being executed or scheduled for execution
on Remote Web Console are not executed.
• Certificates for RMI communication are updated asynchronously (within approximately two minutes).
• If an SVP certificate is updated during Command View Advanced Edition setup operation, the
Command View Advanced Edition setup operation will result in an error
• Update of the SSL certificate gives a great influence to the system and may lead to SVP failure.
Therefore take sufficient care about the content of the certificate and private key to be set.
• Depending on the environment, the SVP web server restart may require 30 to 60 minutes after update
of the certificate is completed. In that case, an internal server error occurs, and even after completion
of the restart, the update completion dialog box for Update Certificate Files does not display, but the
update of the certificate is complete.
Creating a keypair
To enable SSL, you must create a keypair consisting of a public and a private key. The instructions use
Windows XP as an example.
If you are using Solaris, download software for creating an OpenSSL keypair (http://www.openssl.org/)
and follow the manufacturer’s instructions.
Creating a private key (.key file)
A private key is required to create an SSL keypair. The following procedure is for the Windows Vista
operating system.
To create a private key (.key file) in a Windows Vista environment:
Prerequisites
Before you begin, download openssl.exe from the OpenSSL Website.
Procedure
1. If the read-only attribute is set, release it from the c:\key folder.
2. Open a command prompt.
3. Move the current directory to the folder to which the key file is output (such as c:\keyl), and execute
the following command:
c:\key > c:\openssl\bin\openssl genrsa -out server.key 1024
This procedure creates a file called server.key in the c:\key folder. This file becomes the private Key.
Creating a public key (.csr file)
A public key is required to create an SSL keypair. The following procedure is for the Windows Vista
operating system.
To create a public key in a Windows Vista environment:
Setting up Remote Web Console 15
1. Open a command prompt.
2. Move the current directory to the folder to which the key file is output (such as c:\key). Execute the
following command:
c:\key > c:\openssl req -sha256 -new -key server.key -config c:\openssl\bin
\openssl.cfg -out server.csr
3. Enter the following information in the prompt:
• Country Name (two-letter code)
• State or Province Name
• Locality Name
• Organization Name
• Organization Unit Name
• Common Name
To create a self-signed certificate, enter the IP address of the web server (SVP). To obtain a signed
and trusted certificate, ensure that the server name is the same as the host name of the storage
device.
• Email Address
• Challenge password (optional)
• Common name (optional)
Prerequisites
Before you begin, download openssl.exe from the OpenSSL Website.
An example of a command prompt when you create a public key is shown in the following figure.
Figure 3: Creating a public key
16 Setting up Remote Web Console
Acquiring a self-signed certificate
To acquire a self-signed certificate, open the command prompt and execute the following command:
c:\key>c:\openssl\bin\openssl x509 -req -sha256 -days 10000 -in server.csr -
signkey server.key -out server.crt
NOTE:
This command uses SHA-256 as a hash algorithm. MD5 or SHA-1 is not recommended for a hash
algorithm due to its low security level.
This creates a server.crt file in the c:\key folder, which is valid for 10,000 days. This is the signed
private key, which is also referred to as a self-signed certificate.
Creating a signed and trusted certificate
If you want to create a signed and trusted certificate, you must create a certificate signing request (CSR),
send that file to a Certificate Authority (CA), and request that the CA issue a signed and trusted
certificate. Each certificate authority has its own procedures and requirements, and there is generally a
cost for doing so. The signed and trusted certificate is the signed Public Key.
Uploading a signed certificate to the SVP
Update and upload both the Private Key and the signed Server Certificate (Public Key) to the Web server
(SVP).
Related information
Notes on updating the signed certificate to the SVP
Prerequisites
To use SSL-encrypted communication, you must update and upload the private key and the signed
Server Certificate (Public Key) to the SVP.
• A private key (.key file) has been created. Change the file name to server.key unless the file is
already named that.
• A signed public key certificate (.crt file) has been acquired. Change the file name to server.crt
unless the file is already named that.
• The private key (server.key file) and the signed public key certificate (server.crt file) are in
Base 64-encoded X509 format.
Procedure
1. Log off all Remote Web Console Web client sessions on the SVP.
2. In the browser of your Remote Web Console computer, specify the following URL:
http://IP-address-or-host-name-of-SVP/cgi-bin/utility/toolpanel.cgi
3. In the Tool Panel dialog box, click Update Certificate Files. If the SSL encrypted communications is
set up and the Security Alert dialog box appears, click OK. The Security Alert dialog box for the
certificate may also appear. In this case, click View Certificate, confirm the certificate is correct, and
then, click Yes.
4. Enter the User ID and Password for the administrator, then click Login. The upload dialog box for
Update Certificate Files appears.
Setting up Remote Web Console 17
5. Enter both the public key certificate file name in the Certificate file (server.crt file) box and the
private key file (server.key file) box. You can enter the file names directly or by clicking Browse.
6. Click Upload on the upload dialog box of Update Certificate Files. The execution of Update Certificate
Files confirmation dialog box appears.
7. Click OK to begin the certificate update. Once complete, the Web server restarts and a dialog box
appears.
It may take 30 or 60 minutes for the Web server to restart. In this case, the Update Certificate Files
Completion dialog box does not appear and an internal server error occurs, but the setting is actually
completed.
8. Click OK. If the Security Alert dialog box for the certificate appears, click View Certificate to confirm
that the certificate is correct, and click Yes.
If an error occurs during the certificate update, an error message will appear. Solve the problem, and
restart from the logging in to Update Certificate Files.
Returning a certificate to default
You can return the certificate updated in "Uploading the signed certificate to the SVP" to default.
To return the certificate to default:
Procedure
1. Terminate all Remote Web Console connected to the SVP.
2. From a PC on which Remote Web Console operates, start the web browser.
3. Specify the following URL to open the Tool Panel dialog box: https://SVP-IP-address-or-host-name/
cgi-bin/utility/toolpanel.cgi
4. From the Tool Panel dialog box, click Update Certificate Files. A login dialog box for Update
Certificate Files opens.
If SSL communication has been established, the Security Alert dialog box is displayed before the
login dialog box. In that case, click OK. If the Security Alert dialog box regarding the certificate is
displayed at other times, ensure that the certificate is correct, and then, click Yes.
5. From the Update Certificate Files login dialog box, enter the administrator user ID and password, and
click Login. The upload dialog box for Update Certificate Files is displayed.
6. In the upload dialog box for Update Certificate Files, click Return to Default. The confirmation dialog
box for Update Certificate Files is displayed. From the upload dialog box for Update Certificate Files,
click Return to Default. The confirmation dialog box for Update Certificate Files is displayed.
Upon completion of the certificate update, the Web server restarts to reflect the update. When the
restart of the Web server is complete, the update completion dialog box for Update Certificate Files is
displayed.
7. From the update completion dialog box for Update Certificate Files, click OK. The display returns to
the login dialog box.
8. In some cases, the Security Alert dialog box regarding the certificate may display before the login
dialog box. If so, check that the certificate is correct, and click Yes.
NOTE: If an error occurs during update of the certificate, an error message is displayed. If so, resolve the
problem and then re-execute from login to Update Certificate Files.
18 Setting up Remote Web Console
Importing the certificate to the SVP
If you use a self-signed certificate, the Web browser displays a warning message when it connects to an
SSL-enabled SVP. You can disable this message using the following sample procedure, which assumes
the use of Internet Explorer® 8.0.
To import the certificate to the browser:
Procedure
1. Log on to the Remote Web Console SVP using a secure connection (specify the URL using https).
The Security Alert dialog box appears.
2. Click Continue to this website (not recommended) in the Security Alert dialog box.
3. Click the Page > Security Report > Certificate Invalid.
The subsequent dialog box appears.
4. Click View certificates.
5. Click the General tab in the Certificate window.
6. Click Install Certificate (I) .
The Welcome window of the Certificate Import Wizard appears.
7. Click Next.
The Certificate Store window of the wizard appears.
8. Select Automatically select the certificate store based on the type of certificate, and click Next.
The completion window appears.
9. Click Finish.
If the import was successful, the confirmation window appears.
10. Click OK.
Disabling TLSv1.0 and TLSv1.1 communications
To enhance security, you can disable TLSv1.0 and TLSv1.1 communications and use only TLSv1.2.
If you want to disable TLSv1.0 and TLSv1.1 communications, contact Hewlett Packard Enterprise
technical support.
NOTE:
• JRE6.0 does not support TLSv1.2. Use JRE7.0 or later. JRE8.0 or later is recommended.
• Your Web browser might not support TLSv1.2. In this case, use a web browser that supports TLSv1.2.
For details about supported web browser versions, contact Hewlett Packard Enterprise technical
support.
• If you disable TLSv1.0 and TLSv1.1 communications, pages might not be displayed correctly
depending on the TLS setting. Enable Use TLS 1.2 of the browser.
Enabling TLSv1.0 and TLSv1.1 communications
You can enable the disabled TLSv1.0 and TLSv1.1 communications.
Setting up Remote Web Console 19
If you want to enable TLSv1.0 and TLSv1.1 communications, contact Hewlett Packard Enterprise
technical support.
Blocking HTTP communication to the storage system
If the Web server (SVP) supports SSL (HTTPS), the HTTP setting tool allows you to block access to port
80. When you block access to port 80, the connection used to import the certificate from the Web browser
to the Web server (SVP) occurs on port 443 (HTTPS).
If you are using Command View Advanced Edition to access Remote Web Console, blocking HTTP
communication might interfere with that access. Make sure the Command View Advanced Edition can
use SSL communication to access Remote Web Console.
To block HTTP communication:
Procedure
1. Log off all Remote Web Console Web clients attached to the SVP.
2. Start both the Remote Web Console Web client and Web browser.
3. Specify the URL as follows:
https://IP-address-or-host-name-of-SVP/cgi-bin/utility/toolpanel.cgi
4. In the Tool Panel dialog box, click Set up HTTP Blocking.
5. Enter the User ID and Password for the storage administrator, then click Logon. The Set up HTTP
Blocking dialog box appears.
6. Click OK. A confirmation dialog box appears.
7. Click OK to implement HTTP blocking. When the configuration change is complete, the SVP reboots.
Once the reboot is complete, the HTTP Communications Blocked dialog box appears. If you want to
cancel the operation and return to the logon dialog box, click Cancel.
It may take 30 or 60 minutes for the Web server to restart. In this case, the HTTP Communications
Blocked dialog box does not appear and an internal server error occurs, but the setting is actually
completed.
8. Click OK. You return to the logon dialog box.
Releasing HTTP communication blocking
To release the HTTP communication blocking:
Procedure
1. Log off of all Remote Web Console Web clients attached to the SVP.
2. Start both the Remote Web Console Web client and Web browser.
3. Specify the URL as follows:
https://IP-address-or-host-name-of-SVP/cgi-bin/utility/toolpanel.cgi
4. In the Tool Panel dialog box, click Release HTTP Blocking.
20 Setting up Remote Web Console
Table of contents
Other HPE Music Mixer manuals
