Certificate management

HPE OneView uses HTTPS to communicate with managed devices and remote servers. HTTPS is based on Transport Layer Security (TLS). HTTPS and TLS offer the following benefits:
  • Confidentiality: Data is encrypted on the wire using symmetric key cryptography.

  • Message integrity: Secure hash functions guarantee integrity.

  • Authentication: HPE OneView authenticates the remote end point of the HTTPS connection. Public key cryptography is used to authenticate HTTPS and TLS.

The certificate that gets generated by default on a newly installed appliance is an RSA certificate. Currently, only RSA certificates are supported for the appliance certificate.

Public key cryptography uses public and private key pairs to encrypt and decrypt data. In a public key system, digital certificates certify the ownership of the public key. Digital certificates also certify the allowed usage of that key (for example, digital signatures, certificate signing, encryption).

HPE OneView supports the use of both self-signed certificates and certificate authority-issued (CA) certificates in a formal public key infrastructure (PKI).