HP Service Manager allows Customers to configure Secure Sockets Layer (SSL) encryption for all network communications between clients and servers except between SCAuto TCP communications. Out-of-box, Service Manager provides a demonstration server certificate that customers can use for SSL encryption. To implement addition SSL options, such as host verification and client certificates, a customer will need to install your own SSL certificates.
The HP Service Manager server now encrypts all operator passwords stored on the database using a SHA512 one-way encryption process that cannot be decrypted. Service Manager clients use a two-way encryption process (PBE with MD5 and DES) to secure operator passwords when communicating with the server. The server decrypts the password sent from the client and then one-way encrypts it to compare the results to the encrypted value stored in the database. The server never stores the operator password in an unencrypted form.
If a custonmersâ s Service Manager implementation uses LDAP authentication, the server must still send an unencrypted operator password to the directory service because LDAP servers are unaware of Service Managerâ s encryption scheme. If you require encryption between Service Manager and the LDAP server, you can configure OpenSSL or another standard encryption scheme between the two servers.