Lenovo XClarity Administrator uses SSL certificates to establish secure, trusted communications
between XClarity Administrator and its managed devices (such as chassis and service processors
in the System x servers) as well as communications with XClarity Administrator by users or with different services. By default, XClarity Administrator, CMMs, and baseboard management controllers use XClarity Administrator-generated certificates that are self-signed and issued
by an internal certificate authority.
The default self-signed server certificate, which
is uniquely generated in every instance of
XClarity Administrator, provides sufficient security for many environments. You
can choose to let
XClarity Administrator manage certificates for you, or you can take a more active
role and customize or replace the server certificates.
XClarity Administrator provides options for customizing certificates for your
environment. For example, you can choose to:
- Generate a new pair of keys by regenerating the internal
certificate authority and/or the end server certificate that uses
values that are specific to your organization.
- Generate a certificate signing request (CSR) that
can be sent to your choice of certificate authority to sign a custom
certificate that can then be uploaded to XClarity Administrator to be used as end-server certificate for all its hosted
services
- Download the server certificate to your local system so that you
can import that certificate into your web browser's list of trusted
certificates.
For more information about certificates, see Working with security certificates.