Importing the Certificate Authority certificate into a web browser

To avoid security warning messages from your web browser when you access Lenovo XClarity Administrator, you can download a copy of the current Certificate Authority (CA) certificate, in PEM or DER format, to your local system, and then import that certificate into your web browser's list of trusted certificates.

About this task

Lenovo XClarity Administrator supports PKCS 1.5 RSA-2048/SHA-256 certificate signatures and ECDSA p256/SHA-256 signatures in all product configurations. Other algorithms such as SHA-1 stronger or SHA hashes might be supported depending on your configuration. Consider the selected cryptographic mode in Lenovo XClarity Administrator (see Configuring cryptography settings) and the capabilities of other software and devices in your environment. ECDSA certificates that are based on some elliptic curves (including p256), but not all elliptic curves, are supported on the Trusted Certificates page and in the signing chain of the Lenovo XClarity Administrator certificate but are not currently supported for use by the Lenovo XClarity Administrator server certificate.
Note: Only PKCS 1.5 RSA-2048/SHA-256 signatures are supported. RSA-PSS signatures are not supported at this time.

Procedure

To download the server certificate, complete the following steps.

  1. From the XClarity Administrator menu bar, click Administration > Security to display the Security page.
  2. Click Certificate Authority under the Certificate Management section. The Certificate Authority page is displayed.
  3. Click Download Certificate Authority Root Certificate.
  4. Click Save as der or Save as pem to save the server certificate as a DER or PEM file on your local system.
  5. Import the downloaded certificate into the list of trusted root authority certificates for your browser.
    • Firefox:

      1. Open the browser, and click Tools > Options > Advanced.
      2. Click the Certificates tab.
      3. Click View certificates.
      4. Click Import, and browse to the location where the certificate was downloaded.
      5. Select the certificate, and click Open.
    • Internet Explorer:

      1. Open the browser and click Tools > Internet Options > Content.
      2. Click Certificates to see a list of all certificates that are currently trusted.
      3. Click Import to display the Certificate Import wizard.
      4. Complete the wizard to import the certificate.