In HP-UX, both public and private keys for HP SMH are stored in the /var/opt/hpsmh/sslshare directory. The files are called file.pem (private key) and cert.pem (server certificate).
In Linux, both public and private keys for HP SMH are stored in the /opt/hp/sslshare directory or /etc/opt/hp/sslshare directory in HP SMH 2.1.3 and later. The files are called file.pem and cert.pem.
In Windows, public and private keys are stored in the \hp\sslshare directory of the system drive.
To protect the key, this subdirectory is only accessible to administrators if the file system allows such security. For private key security reasons, HP highly recommends that Windows installations of HP SMH be installed on New Technology File System (NTFS).
IMPORTANT: For Windows operating systems, the file system must be NTFS for the private key to have administrator only access through the file.
If you feel that the private key has been compromised, the administrator can delete the \hp\sslshare\cert.pem file and restart the server. This action causes HP SMH to generate a new certificate and private key.
NOTE: Certificate and private key generation only occur the first time HP SMH is started or when no certificate and key pair exists.
A certificate from a certificate authority (CA), such as Verisign or Entrust, can be used to replace self-generated certificates. These certificate and key files are shared with other HP Management software, such as HP Systems Insight Manager.