SSL certificate import problem using iLO3 (rx2800 i2)
SSL certificate import problem using iLO3 (rx2800 i2)
Greeting to everybody!
I have the problem of creation and importing SSL 2048 after CSR. That certificate for web access to iLO on rx2800i2 server.
The existing self- signed certificate works. The certificate details are the following:
Signature algorithm: sha256RSA
Signature hash algorithm: sha256
.
.
.
Public key: RSA (1024 Bits)
Key Usage: Certificate Signing, Off-line CRL Signing, CRL Signing (06)
The intention is to use 2048 Bits certificate after its creation within a Certificate Signing Request (CSR), for the stronger security. The problem is that iLO refused to import generated certificate.
If you have experience to do that, please provide the proper steps and values sample for certificate data, which is to be sent to CSR. I need the detailed instructions on how to fill the parameters for CSR and how to generate the 2048 bits certificate, compatible to iLO3 import.
Thanks.
Sergey Zadorozhny
I have the problem of creation and importing SSL 2048 after CSR. That certificate for web access to iLO on rx2800i2 server.
The existing self- signed certificate works. The certificate details are the following:
Signature algorithm: sha256RSA
Signature hash algorithm: sha256
.
.
.
Public key: RSA (1024 Bits)
Key Usage: Certificate Signing, Off-line CRL Signing, CRL Signing (06)
The intention is to use 2048 Bits certificate after its creation within a Certificate Signing Request (CSR), for the stronger security. The problem is that iLO refused to import generated certificate.
If you have experience to do that, please provide the proper steps and values sample for certificate data, which is to be sent to CSR. I need the detailed instructions on how to fill the parameters for CSR and how to generate the 2048 bits certificate, compatible to iLO3 import.
Thanks.
Sergey Zadorozhny
Re: SSL certificate import problem using iLO3 (rx2800 i2)
Hello Sergey,
Please, specify what version of SSL you have installed on your rx2800.
Regards, Eugeny.
Please, specify what version of SSL you have installed on your rx2800.
Regards, Eugeny.
Re: SSL certificate import problem using iLO3 (rx2800 i2)
Hello, Eugeny,
Both SSL certificates have V3. Currently used one is a 1024 bit long self signed, vendor provided certificate. I am trying to import a new 2048 bit long certificate, issued after CSR.
Thanks,
Sergey
Both SSL certificates have V3. Currently used one is a 1024 bit long self signed, vendor provided certificate. I am trying to import a new 2048 bit long certificate, issued after CSR.
Thanks,
Sergey
-
- VSI Expert
- Active Contributor
- Posts: 25
- Joined: Mon Jun 24, 2019 9:51 am
- Reputation: 0
- Status: Offline
Re: SSL certificate import problem using iLO3 (rx2800 i2)
This isn't really an OpenVMS issue; you would have exactly the same problem if the server was running HPUX. It's an issue with the server's ILO3 implementation, so you'd probably need to open a case with HPE Engineering on the matter. Most likely there are limitations as to what types of certificate ILO3 is accepting...
Re: SSL certificate import problem using iLO3 (rx2800 i2)
Yes, I agree, that the problem is OS neutral, but I am dealing with the server running OpenVMS; the fact, which make the solution finding even more complicated. I opened the case with HPE and was curios if anybody from OpenVMS users have ever tried to implement more modern and secure certificates for iLO3...brett.cameron wrote: ↑Wed Apr 08, 2020 6:50 amThis isn't really an OpenVMS issue; you would have exactly the same problem if the server was running HPUX. It's an issue with the server's ILO3 implementation, so you'd probably need to open a case with HPE Engineering on the matter. Most likely there are limitations as to what types of certificate ILO3 is accepting...
-
- VSI Expert
- Active Contributor
- Posts: 25
- Joined: Mon Jun 24, 2019 9:51 am
- Reputation: 0
- Status: Offline
Re: SSL certificate import problem using iLO3 (rx2800 i2)
Possibly this is relevant: https://support.hpe.com/hpesc/public/do ... =c05315789
And ensure that the server is using the latest or last known good firmware version.
And ensure that the server is using the latest or last known good firmware version.
Re: SSL certificate import problem using iLO3 (rx2800 i2)
Sorry for bringing up this old topic once again.
What was the result of the HPE case?
The linked document from HPE is no longer available.
We also have more and more problems with certificates on rx2800i4/i6 servers with the latest firmware.
Best Regards,
Christoph
What was the result of the HPE case?
The linked document from HPE is no longer available.
We also have more and more problems with certificates on rx2800i4/i6 servers with the latest firmware.
Best Regards,
Christoph