BladeSystem - General
cancel
Showing results for 
Search instead for 
Did you mean: 

Powershell cmdlet to install a CA certificate on c7000 Onboard Administrator

SOLVED
Go to solution
Steve_Tippett
Occasional Advisor

Powershell cmdlet to install a CA certificate on c7000 Onboard Administrator

I have 200 c7000 enclosures and need to get valid SSL certificates installed on them via Powershell.  Generating the .csr file is working fine via Powershell.

But when I try to use the Add-HPOACertificate command (from the HPOAcmdlets module) to install the .cer file, I get an error.  My .cer file is legit - I can browse to the OA GUI and paste the file contents in - the OA resets and then I can see my new certificate.   But when I try scripting the install using the Add-HPOACertificate command, it quickly returns the error "The CA certificate is invalid." 

Here are the 2 key lines in the Powershell script:

$Target_Cert = Get-Content $Certificate_File -Raw

$Result = Add-HPOACertificate -Connection $Target_OA -Type CA -Certificate $Target_Cert

When I display the contents of $Target_Cert it looks good, and piping it thru Get-Member confirms the data type is String.

 

5 REPLIES
GZahidi
Advisor

Re: Powershell cmdlet to install a CA certificate on c7000 Onboard Administrator

Hi Steve,

 

Which OA firmware version are you using ?

Steve_Tippett
Occasional Advisor

Re: Powershell cmdlet to install a CA certificate on c7000 Onboard Administrator

Firmware 4.80 is installed across our fleet.
Thank you.


Sent with BlackBerry Work

GZahidi
Advisor

Re: Powershell cmdlet to install a CA certificate on c7000 Onboard Administrator

Hi,

You can not add SSL certificate through Cmdlet. You need to do it through Web login.

Though you can get the SSL certificate info by using Cmdlet Get-HPEOAcertificate -Type OA .

In your case you are adding SSL certificate and trying to Add certifcate as CA certificate, becuase of this  you are getting error as invalid certificate.

GZahidi
Advisor
Solution

Re: Powershell cmdlet to install a CA certificate on c7000 Onboard Administrator

Use the following cmdlet to import SSL certificate to OA

Start-HPOACertificateDownload -Connection $connection -Type OA -URL ftp://10.12.23.17/cer_southking/ldap_southking.cer -Bay <<Bay number of OA where you want to import certificate>>

 You need to store the certificate at ftp server and specify the full path of the certificate as URL in the cmldet.

Note :- If you do not specify the Onboard Administrator bay number, the certificate is downloaded to the current (Active) Onboard Administrator.

Steve_Tippett
Occasional Advisor

Re: Powershell cmdlet to install a CA certificate on c7000 Onboard Administrator

It's working now - thanks for the valuable advice!