Skip to main content

Importing the Certificate Authority certificate into a web browser

To avoid security warning messages from your web browser when you access Lenovo XClarity Administrator, you can download a copy of the current Certificate Authority (CA) certificate, in PEM or DER format, to your local system, and then import that certificate into your web browser's list of trusted certificates.

About this task

XClarity Administrator supports RSA-3072/SHA-384, RSA-2048/SHA-256, and ECDSA p256/SHA-256 certificate signatures. Other algorithms such as SHA-1 stronger or SHA hashes might be supported depending on your configuration. Consider the selected cryptographic mode in XClarity Administrator (see Configuring cryptography settings on the management server), the selected security settings for managed servers (Configuring the security settings for a managed server), and the capabilities of other software and devices in your environment. ECDSA certificates that are based on some elliptic curves (including p256), but not all elliptic curves, are supported on the Trusted Certificates page and in the signing chain of the XClarity Administrator certificate but are not currently supported for use by the XClarity Administrator server certificate.
Note
XClarity Administrator uses RSA- 3072/SHA-384 certificate signatures for servers with XCC2 in Strict mode.

Procedure

To download the server certificate, complete the following steps.

  1. From the XClarity Administrator menu bar, click Administration > Security to display the Security page.
  2. Click Certificate Authority under the Certificate Management section. The Certificate Authority page is displayed.
  3. Click Download Certificate Authority Root Certificate.
  4. Click Save as der or Save as pem to save the server certificate as a DER or PEM file on your local system.
  5. Import the downloaded certificate into the list of trusted root authority certificates for your browser.

    • Chrome:

      1. From your Chrome browser, click the three dots in the upper right corner of the window, and then, click Settings to open the Settings page.
      2. Click Privacy and Security, and then click Security to display the Security page.
      3. Scroll to the Advanced section, and then click Manage device certificates.
      4. Click Import, and click Next.
      5. Select the certificate file that you previous exported, and click Next
      6. Choose where to store the certificate, and click Next.
      7. Click Finish.
      8. Close and reopen the Chrome browser, and then open XClarity Administrator.

    • Firefox:

      1. Open the browser, and click Tools > Settings, and then click Privacy & Security.
      2. Scroll down to the Security section.
      3. Click View certificates to display the Certificate Manager dialog.
      4. Click the Your Certificates tab.
      5. Click Import, and browse to the location where the certificate was downloaded.
      6. Select the certificate, and click Open.
      7. Close the Certificate Manager dialog.