Searching the Help
To search for information in the Help, type a word or phrase in the Search box. When you enter a group of words, OR is inferred. You can use Boolean operators to refine your search.
Results returned are case insensitive. However, results ranking takes case into account and assigns higher scores to case matches. Therefore, a search for "cats" followed by a search for "Cats" would return the same number of Help topics, but the order in which the topics are listed would be different.
Search for | Example | Results |
---|---|---|
A single word | cat
|
Topics that contain the word "cat". You will also find its grammatical variations, such as "cats". |
A phrase. You can specify that the search results contain a specific phrase. |
"cat food" (quotation marks) |
Topics that contain the literal phrase "cat food" and all its grammatical variations. Without the quotation marks, the query is equivalent to specifying an OR operator, which finds topics with one of the individual words instead of the phrase. |
Search for | Operator | Example |
---|---|---|
Two or more words in the same topic |
|
|
Either word in a topic |
|
|
Topics that do not contain a specific word or phrase |
|
|
Topics that contain one string and do not contain another | ^ (caret) |
cat ^ mouse
|
A combination of search types | ( ) parentheses |
|
- System Security
- Encryption of configuration file settings
- Encryption of operator passwords
- Encryption of client keystore passwords
- Randomly generated master keys
- Inactivity timer
- Lockout feature
- System quiesce: Login restrictions
- Mandanten file security
- Multicompany mode
- Script utilities
- Security tables
- Secure Sockets Layer (SSL) encryption and server certificates
- TLS 1.2 Support and Configuration
- Trusted sign-on
- Common Access Card (CAC) sign-on
- SAML Single Sign-On
- FIPS mode
- Tokenization
TLS 1.2 support and configuration
When the Service Manager web tier, the Mobility client, and SRC act as TLS/SSL servers, they use the Oracle or IBM Java virtual machine (JVM) that is required by your third-party web applications server to securely manage and connect incoming client requests that use TLS or SSL protocols. Examples of client requests include requests that originate from web browsers that are running on end-user’s workstations. Depending on the third-party web application server, these connections default to the highest supported version of the TLS/SSL protocol. HPE does not provide the software that hosts the Service Manager web tier, Mobility client, or SRC products; and it is this software that controls the specific TLS/SSL protocols that are used. As such, HPE recommends that you consult the vendor of your browser and third-party web application server (such as IBM Websphere, Oracle WebLogic, and Apache Tomcat) for information about how to configure TLS 1.2.
As of Service Manager 9.41, the web tier, Mobility client and Windows client use TLS 1.2 by default.
The Service Manager server uses Java to securely manage and connect incoming client requests that use TLS and SSL protocols. In this scenario, the Service Manager server is acting as a TLS/SSL server. As of Service Manager 9.41, the Service Manager server uses TLS 1.2 by default (TLS 1.0 and TLS 1.1 are also supported). To enforce the TLS 1.2 protocol, configure the following parameter in the sm.ini file:
sslProtocols:TLSv1.2
When the Service Managerserver acts as a TLS/SSL client, it uses OpenSSL to connect to the Directory Services server via the secure LDAP protocol. Secure LDAP is also known as LDAP over SSL (LDAPS). Depending on the Directory Service server, these connections will default to the highest supported version of the TLS/SSL protocol. To force the Service Manager server to establish only TLS 1.2 connections with the LDAP server, set the following environment variable in the operating system:
LDAPTLS_PROTOCOL_MIN=3.3
Note For information about how to set an environment variable, refer to your operating system’s documentation or to your server administrator.
The Service Manager server may act as a TLS/SSL client to securely connect to SMTP servers or to consume third-party external Web Services over HTTPS, depending on the SMTP Server or the Web Services server. These connections will default to TLS 1.2. To enforce the TLS 1.2 protocol for these scenarios, configure the following parameter in the sm.ini file:
sslProtocols:TLSv1.2
We welcome your comments!
To open the configured email client on this computer, open an email window.
Otherwise, copy the information below to a web mail client, and send this email to ovdoc-ITSM@hpe.com.
Help Topic ID:
Product:
Topic Title:
Feedback: