IBM Support

Common Information Model Object Manager (CIMOM)

News


Abstract

CIM server is going to upgrade the OPENSSL security level by upgrading the default server key and certificate: CIM server key will be upgraded from RSA1024 to RSA2048, and CIM server certificate will be upgraded from SHA1 to SHA512.

Content

You are in: IBM i Technology Updates > Systems Management > Common Informational Model Object Manager

CIM server is going to upgrade the OPENSSL security level by upgrading the default server key and certificate: CIM server key will be upgraded from RSA1024 to RSA2048, and CIM server certificate will be upgraded from SHA1 to SHA512.

The PTF for change is SI60516 and the change is only impacting 5770UME V1R4M0.

This will only impact the CIM server's default auto-generated key and certificate, which will only be regenerated when CIM server doesn't find key and certificate when it is launching.
The CIM server key and certificate are generally located in /QOpenSys/QIBM/UserData/UME/Pegasus/ssl/keystore/serverkey.pem and /QOpenSys/QIBM/UserData/UME/Pegasus/ssl/keystore/servercert.pem which could be configured by changing server property sslKeyFilePath and sslCertificateFilePath.

[{"Business Unit":{"code":"BU058","label":"IBM Infrastructure w\/TPS"},"Product":{"code":"SWG60","label":"IBM i"},"Component":"","Platform":[{"code":"PF012","label":"IBM i"}],"Version":"All Versions","Edition":"","Line of Business":{"code":"LOB57","label":"Power"}}]

Document Information

Modified date:
30 January 2020

UID

ibm11274314

Page Feedback