HP CloudSystem Foundation Podręcznik Użytkownika Pobierz pdf (Strona 25)

• Always log out before closing the browser.

In the browser, a memory-based cookie stores the authenticated user’s session ID.

Memory-based cookies are deleted when you close the browser. When you log out, the session

on the appliance is invalidated.

• Avoid clicking links outside the appliance UI.

While logged in to the appliance, avoid clicking links in email or instant messages. The links

might be malicious and take advantage of your login session.

• Use separate browsers for appliance and non-appliance use.

Do not use the same browser instance (for example, separate tabs in the same browser) to

browse to other websites.

Managing certificates from a browser

A certificate authenticates the appliance over SSL. The certificate contains a public key, and the

appliance maintains the corresponding private key, which is uniquely tied to the public key.

NOTE: This section discusses certificate management from the perspective of the browser. For

information on how a non-browser client (such as cURL) uses the certificate, see the documentation

for that client.

The certificate also contains the name of the appliance, which the SSL client uses to identify the

appliance.

The certificate has the following boxes:

• Common Name (CN)

This name is required. By default it contains the fully qualified host name of the appliance.

• Alternative Name

The name is optional, but HP recommends supplying it because it supports multiple names

(including IP addresses) to minimize name-mismatch warnings from the browser.

By default, this name is populated with the fully qualified host name (if DNS is in use), a short

host name, and the appliance IP address.

NOTE: If you enter Alternative Names, one of them must be your entry for the Common

Name.

Self-signed certificate

The default certificate generated by the appliance is self-signed; it is not issued by a trusted certificate

authority.

By default, browsers do not trust self-signed certificates because they lack prior knowledge of them.

The browser displays a warning dialog box; you can use it to examine the content of the self-signed

certificate before accepting it.

Protecting credentials

Local user account passwords are stored using a salted hash; that is, they are combined with a

random string, and then the combined value is stored as a hash. A hash is a one-way algorithm

that maps a string to a unique value so that the original string cannot be retrieved from the hash.

Passwords are masked in the browser. When transmitted between appliance and the browser over

the network, passwords are protected by SSL.

Local user account passwords must be a minimum of eight characters, with at least one uppercase

character. The appliance does not enforce additional password complexity rules. Password strength

Managing certificates from a browser 25

1 2 ... 20 21 22 23 24 25 26 27 28 29 30 ... 210 211

Komentarze do niniejszej Instrukcji

Brak uwag

HP CloudSystem Foundation Podręcznik Użytkownika Strona 25

Komentarze do niniejszej Instrukcji

Powiązane produkty i podręczniki dla Oprogramowanie HP CloudSystem Foundation