No relevant resource is found in the selected language.

This site uses cookies. By continuing to browse the site you are agreeing to our use of cookies. Read our privacy policy>Search


To have a better experience, please upgrade your IE browser.


OceanStor 9000 V300R006C00 Object Storage Service (Compatible with OpenStack Swift APIs) Administrator Guide 07

Rate and give feedback :
Huawei uses machine translation combined with human proofreading to translate this document to different languages in order to help you better understand the content of this document. Note: Even the most advanced machine translation cannot match the quality of professional translators. Huawei shall not bear any responsibility for translation accuracy and it is recommended that you refer to the English document (a link for which has been provided).
Managing Security Certificates

Managing Security Certificates

You need to import and replace security certificates to ensure the system security.

Table 12-5 lists all security certificates involved in the object storage service. You need to import and replace the security certificates listed in Table 12-5 to improve the system security. For details about how to import and replace the security certificates, see OceanStor 9000 Security Maintenance.

Table 12-5  Security certificates



Importing a DeviceManager security certificate

After a DeviceManager security certificate is imported, no certificate error is prompted when DeviceManager is accessed.

Replacing a DeviceManager security certificate

Users can replace DeviceManager's self-signed certificate with a certificate trusted by their browsers, and regularly update the certificate.

Replacing a Toolkit security certificate

Toolkit uses a self-signed certificate, which is not trusted by users' browsers. Users can replace the certificate with a certificate trusted by their browsers and update the certificate.

Replacing the Management Interface Service Certificate and Private Key of a Storage Cluster

The management interface service and private key of a storage cluster is used for SMI-S provider to communicate with OceanStor 9000. For security purposes, users are advised to replace and regularly update the management interface service certificate and private key of a storage cluster.

Replacing SSH host keys

To ensure customers' secure shell (SSH) security, you are advised to replace SSH host keys of each storage node after system software is installed, and regularly update the SSH host keys.

Importing an HTTPS security certificate of the object storage service

The system provides a built-in HTTPS security certificate of the object storage service. If you want to use your own certificate, you can import it and replace the original certificate after the system is successfully installed.

Importing the Security Certificate of the Keystone Server

To ensure that the object storage service (compatible with OpenStack Switch APIs) can communicate with the keystone server after HTTPS is enabled on the Keystone server, import the security certificate of the Keystone server to a storage cluster.

Updated: 2019-04-28

Document ID: EDOC1000122524

Views: 10665

Downloads: 86

Average rating:
This Document Applies to these Products
Related Documents
Related Version
Previous Next