BladeSystem Management Software

Using the Onboard Administrator (OA) to Generate new security keys

 
chuckk281
Trusted Contributor

Using the Onboard Administrator (OA) to Generate new security keys

Brandon was looking to help a customer:

 

************

 

Hi,

I have a customer who is looking to generate 2048-bit keys on their OA. (fw version is now 4.22). Is this a straight forward operation.

I’m aware that they can use the GENERATE KEYS command. I’m just wondering what the effect will be after generation. Any tips/advice gratefully accepted.

 

*************

 

Input from Keshab:

You should use the generate key command. 2048 bits is the default and SHA256 is the default hashing algorithm used for SSL keys.

 

The command also supports 1024bit keys but you can use those only in FIPS-OFF mode.

 

Note that the OA supports only RSA key generation for SSH and web services.

 

And from Dan: 

It just changes the SSL Cert on the OA. 

I did it on a chassis at home and haven’t seen any major side effects since. 

In fact my SSL Key was so old, it was causing problems with some browsers and using GENERATE KEY to update to a newer standard fixed the problem.

 

**************

 

Other comments?