- Community Home
- >
- Software
- >
- HPE OneView
- >
- Re: HP-Oneview 4.0 upgrade Issues
Categories
Company
Local Language
Forums
Discussions
Forums
- Data Protection and Retention
- Entry Storage Systems
- Legacy
- Midrange and Enterprise Storage
- Storage Networking
- HPE Nimble Storage
Discussions
Discussions
Discussions
Forums
Discussions
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
- BladeSystem Infrastructure and Application Solutions
- Appliance Servers
- Alpha Servers
- BackOffice Products
- Internet Products
- HPE 9000 and HPE e3000 Servers
- Networking
- Netservers
- Secure OS Software for Linux
- Server Management (Insight Manager 7)
- Windows Server 2003
- Operating System - Tru64 Unix
- ProLiant Deployment and Provisioning
- Linux-Based Community / Regional
- Microsoft System Center Integration
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Community
Resources
Forums
Blogs
- Subscribe to RSS Feed
- Mark Topic as New
- Mark Topic as Read
- Float this Topic for Current User
- Bookmark
- Subscribe
- Printer Friendly Page
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
05-24-2018 03:21 AM
05-24-2018 03:21 AM
Re: HP-Oneview 4.0 upgrade Issues
@KSM1 yeah I know, I have corrected it for the Gen8 machines. for Gen7 machines I can't get it fixed. Certificate has a correct date (start 2018/end 2033), but the error still remains.
And second, the error starting with 'Leaf certificate' is still displayed as a critical alerts. I still can't remove the error myself.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
01-09-2019 02:42 PM
01-09-2019 02:42 PM
Re: HP-Oneview 4.0 upgrade Issues
Currently on OneView 4.10 and this issue still exist it seems, 3 iLO connections reporting SSL certs
Valid From Jan 30 23:00:00 2013 GMT
Valid Until Dec 26 17:31:44 2001 GMT
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
01-09-2019 09:30 PM
01-09-2019 09:30 PM
Re: HP-Oneview 4.0 upgrade Issues
Hi @YYCSysAdmin
I work for HPE.
Can you help us with any further information you can share on this?
The incorrect valid from / valid until dates in certificates on some of the iLOs - are you having trouble in fixing the firmware and certificates on the 3 iLOs?
Or, are you stating that
1. the locked alerts are still there in OneView 4.10 and not getting cleared even though the certificates got fixed?
2. OneView 4.10 is alerting about the specific bad certificates (whereas it should not be)
Regards,
Bhaskar
I am an HPE employee
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
01-10-2019 07:22 AM
01-10-2019 07:22 AM
Re: HP-Oneview 4.0 upgrade Issues
Hello,
The iLO are gen 4, using firmware 2.60 May 23 2018, on blade nodes ProLiant BL460c Gen8. We are using OneView 4.10 currently. The alerts are showing for 3 nodes and the expiration date is showing as Dec 2001
Issued By
C = US, ST = TX, L = Houston, O = Hewlett-Packard Company, OU = ISS, CN = iLO Default Issuer (Do not trust)
Valid From
Jan 30 23:00:00 2013 GMT
Valid Until
Dec 26 17:31:44 2001 GMT
Serial Number
52:6a:a1:3c
I will be doing a host rename on the iLO and a power cycle for it to generate new certificates, unless there is a better method that does not require me to power cycle the blade node?
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
01-10-2019 07:26 AM
01-10-2019 07:26 AM
Re: HP-Oneview 4.0 upgrade Issues
A power cycle of the server is never required just to change or update the iLO SSL Cert, let alone the iLO configuration. If you want to automate this process, or do multiple iLOs without needing to go to their respective web management UI's, you can use this PowerShell script.
I am an HPE employee
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
01-10-2019 09:17 AM
01-10-2019 09:17 AM
Re: HP-Oneview 4.0 upgrade Issues
Thank you Chris,
I was going by what a couple of other people had posted their solution was to the issue.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
01-10-2019 10:50 AM
01-10-2019 10:50 AM
Re: HP-Oneview 4.0 upgrade Issues
Question, as I am running into an issue. I am trying to test this in our lab but receiving an error
"The certificate is not truested due to these X509CertChain flags: NotTimeValid" -
I checked the GitHub page but do not see a support thread related to this script. The MS links did provide possible ignore flags but I am unsure where to put them into the script to ingnore the NotValidTime error.
I would like to test this out in our lab first if possible.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
01-10-2019 11:33 AM
01-10-2019 11:33 AM
Re: HP-Oneview 4.0 upgrade Issues
Replace Line 166:
[System.Net.ServicePointManager]::CertificatePolicy = New-Object TrustAllCertsPolicy
with
[System.Net.ServicePointManager]::CertificatePolicy = { $true }
I am an HPE employee
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
01-10-2019 02:48 PM
01-10-2019 02:48 PM
Re: HP-Oneview 4.0 upgrade Issues
Thank you very much!
My next inquiry, can i specify this to only do a single iLO vs all nodes in OneView? Or does it prompt once run?
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
01-10-2019 02:51 PM
01-10-2019 02:51 PM
Re: HP-Oneview 4.0 upgrade Issues
Line 170 is where you would change to something like:
$servers = Get-HPOVServer -Name ServerName
or for wildcard search
$servers = Get-HPOVServer -Name ServerName*
I am an HPE employee