Notes on registering certificates for HCS

System Administrator Guide for VSP 5000 Series

Version
90-09-2x
Audience
anonymous
Part Number
MK-98RD9009-16

Read the following notes about registering certificates for HCS:

  • Ensure that the certificate to be registered is the right one. If you register a wrong certificate, the storage system is not manged by using HCS and HCS external authentication is not performed.
  • Only with registration of the correct certificate, the storage system is manged by using HCS and HCS external authentication operates normally.
  • When you perform a certificate revocation check by using CRL, set the URI of the CRL repository for cRLDistributionPoint (CRL distribution point) of the intermediate certificate and server certificate set on the connected server. The CRL repository must be on the network that can be accessed by the SVP so that the SVP can communicate with the CRL repository. If the SVP cannot communicate with the CRL repository, HCS external authentication fails.
  • When you perform a certificate revocation check by using OCSP, correctly set the URI of the OCSP responder for authorityInfoAccess (Authority Information Access) of the intermediate certificate and server certificate set on the connected server. The OCSP responder must be on the network that can be accessed by the SVP so that the SVP can communicate with the OCSP responder. If the SVP cannot communicate with the OCSP responder, HCS external authentication fails.