Managing CA-signed array certificates for SSMC

SSMC must validate and trust the TLS certificates presented by the arrays whenever it makes a connection to these arrays.

When you register an array for management using the Administrator Console, SSMC retrieves the certificate presented by the array while making a TLS connection. SSMC then allows you to review, approve, and cache the certificate for making subsequent connections to the array. Once you trust and cache the certificates, the connection is trusted and the TLS connection is established.

However, in FIPS mode, these trust certificates must be imported manually. To manually import trust certificates for managed arrays, see Copying certificate information for use in SSMC.

NOTE: Array certificates help you assert the identity of the HPE storage array to SSMC. First, you must generate and install a suitable certificate on the array as per your internal CA requirements. For more information, see createcert command in the HPE Storage OS Command Line Interface Reference available from the Hewlett Packard Enterprise Support Center.