Force Trust validation for outbound client connections

Outbound client connections in SSMC web application involve TCP/TLS. When FIPS 140-2 mode is not enabled, the server certificate trust validation is optional and is not always mandated by SSMC for connections to all external systems other than the storage array. However, to ensure that server certificate is always validated and trust verified, which is required by Standards security, set the following property in ssmc.properties to true as shown:

ssmc.tls.trustManager.enabled=true

SSMC service must be restarted (TUI menu option 2) for the setting to take effect. Ensure that you import trust certificates suitably for all the existing external system connections (RMC, InfoSight, and SMTP) for working properly post enabling this setting. For more information on how to import SMTP certificate, see Importing a trust certificate for SMTP server in SSMC. See the HPE SSMC User Guide for instructions to import HPE InfoSight or HPE RMC certificates.