Importing the Certificate Authority certificate into a web browser

To avoid security warning messages from your web browser when you access Lenovo XClarity Administrator, you can download a copy of the current Certificate Authority (CA) certificate, in PEM or DER format, to your local system, and then import that certificate into your web browser's list of trusted certificates.

About this task

XClarity Administrator supports RSA-3072/SHA-384, RSA-2048/SHA-256, and ECDSA p256/SHA-256 certificate signatures. Other algorithms such as SHA-1 stronger or SHA hashes might be supported depending on your configuration. Consider the selected cryptographic mode in XClarity Administrator (see Configuring cryptography settings on the management server), the selected security settings for managed servers (Configuring the security settings for a managed server), and the capabilities of other software and devices in your environment. ECDSA certificates that are based on some elliptic curves (including p256), but not all elliptic curves, are supported on the Trusted Certificates page and in the signing chain of the XClarity Administrator certificate but are not currently supported for use by the XClarity Administrator server certificate.
Note: XClarity Administrator uses RSA- 3072/SHA-384 certificate signatures for servers with XCC2 in Strict mode.

Procedure

To download the server certificate, complete the following steps.

  1. From the XClarity Administrator menu bar, click Administration > Security to display the Security page.
  2. Click Certificate Authority under the Certificate Management section. The Certificate Authority page is displayed.
  3. Click Download Certificate Authority Root Certificate.
  4. Click Save as der or Save as pem to save the server certificate as a DER or PEM file on your local system.
  5. Import the downloaded certificate into the list of trusted root authority certificates for your browser.
    • Firefox:

      1. Open the browser, and click Tools > Options > Advanced.
      2. Click the Certificates tab.
      3. Click View certificates.
      4. Click Import, and browse to the location where the certificate was downloaded.
      5. Select the certificate, and click Open.
    • Internet Explorer:

      1. Open the browser and click Tools > Internet Options > Content.
      2. Click Certificates to see a list of all certificates that are currently trusted.
      3. Click Import to display the Certificate Import wizard.
      4. Complete the wizard to import the certificate.