HPE OneView
cancel
Showing results for 
Search instead for 
Did you mean: 

Expired Certificate Revocation Lists (CRL's)

 

Expired Certificate Revocation Lists (CRL's)

Oneview (4.00.09) is reporting that my in date CRL's are expired.

Yet more certificate woes with OneView or is there an easy fix for this?

(Also, any update on admins being able to clear locked alerts? Was hoping this would have been addressed in the .09 release.)

 

 

6 REPLIES 6
ChrisLynchHPE
Neighborhood Moderator

Re: Expired Certificate Revocation Lists (CRL's)

The 4.00.09 patch only addressed certain certificate expiration alerts.  CRL management today needs to be performed via the UI, or you can automate it with the API.


Accept or Kudo

Re: Expired Certificate Revocation Lists (CRL's)

The following PowerShell script can automate the process using the OneView REST API:

https://github.com/jullienl/HPE-Synergy-OneView-demos/blob/master/Powershell/OneView/Update%20all%20existing%20OneView%20CRLs.ps1

YYCSysAdmin
Frequent Advisor

Re: Expired Certificate Revocation Lists (CRL's)

Noted in that code

The 4.10 library will natively provide cmdlets to update the OneView CRLs  


How do we go about doing this in 4.10 ?

Re: Expired Certificate Revocation Lists (CRL's)

In 4.10 library, you just need to use the new cmdlet  Update-HPOVApplianceTrustedAuthorityCrl

 

help Update-HPOVApplianceTrustedAuthorityCrl -Examples


Get-HPOVApplianceTrustedCertificate -CertificateAuthoritiesOnly -Name "DigiCert Global CA G2" | Update-HPOVApplianceTrustedAuthorityCrl -Path C:\Directory\CA-updated.crl

 

 

NetworkSupport1
Occasional Visitor

Re: Expired Certificate Revocation Lists (CRL's)

When using the 'Get' and 'Update' combination we get the following error:  'Exception calling "GetProxy" with "1" argument(s): "This operation is not supported for a relative URI."'

ChrisLynchHPE
Neighborhood Moderator

Re: Expired Certificate Revocation Lists (CRL's)