Skip to main content

3.8 Configuring the HTTPS Service for Login to the XSCF

3.8 Configuring the HTTPS Service for Login to the XSCF
This section describes how to configure the HTTPS service.
The HTTPS service settings are configured for use of XSCF Web with a connection to the XSCF-LAN and for use of a Web browser window. Use the settings described here to enable/disable HTTPS and use HTTPS. HTTPS is disabled by default in these systems. The XSCF Web console can be a secure console.
Selecting a Certificate Authority
Considering the customer's system and Web browser environment, select one of the following certificate authorities:
  1. External certificate authority
  2. Intranet certificate authority
  3. Self-signed certificate authority
If the customer's environment has neither an external certificate authority nor an intranet certificate authority, use the XSCF self-signed certificate authority. (See "3.8.2  Flow When Using a Self-Signed Certificate Authority.")
The XSCF self-signed certificate authority is a self-signed certificate authority configured with the XSCF, and it cannot be used as an external certificate authority for other systems.
Expiration Time of a Self-Signed Certificate
A self-signed certificate has the following fixed expiration time:
  1. Server certificate: 10 years
After the expiration time of the Web server certificate has elapsed or the Web server certificate has been changed, configure the HTTPS service again.
Distinguished Name (DN)
To generate a Web server certificate signing request (CSR), specify the Distinguished Name (DN) as follows:
Note - In the XSCF self-signed certificate authority, the key length for the self-signed certificate used for the signature for a Web server certificate is 2048-bit. The key length cannot be changed.
  1. 2-letter country code (e.g., US or JP)
  2. Region
  3. City
  4. Organization (company) name, division or section name
  5. Common name (user name, Web server host name)
  6. Administrator e-mail address
Except the country code, the above entries have up to 64 characters. For details on the DN, see the sethttps(8) command man page or the Fujitsu SPARC M12 and Fujitsu M10/SPARC M10 XSCF Reference Manual.