HPE Community
ProLiant Servers (ML,DL,SL)
1753259 Members
5528 Online
108792 Solutions
New Discussion юеВ

Re: Import-HPEiLOCertificate ERROR without details

 
UnicefTacro
Occasional Advisor

тАО12-31-2018 10:29 AM

тАО12-31-2018 10:29 AM

Import-HPEiLOCertificate ERROR without details

I am trying to use the HPE PS Module to request and install a certificate on a newly provisioned DL380 G10 server but I am getting the error below.

I know that the problem is not the code or the cert because I imported the same cert manually through the ILO GUI and worked:

$ImportResult = Import-HPEiLOCertificate -Connection $Conn -Certificate $ILOCERTFileName -OutputType RawResponse -Verbose

VERBOSE: Performing the operation "Import-HPEiLOCertificate" on target "IP: x.x.x.x".

VERBOSE: [Import-HPEiLOCertificate] Executing the cmdlets with 1 task serially.

VERBOSE: [Import-HPEiLOCertificate][x.x.x.x]: Creating Redfish request.

VERBOSE: [Import-HPEiLOCertificate][x.x.x.x]: Sending Redfish request to PATCH/POST/DELETE the JSON payload.

VERBOSE: [Import-HPEiLOCertificate][x.x.x.x]: Processing JSON response.

 

PS > $ImportResult | fl *

Target: x.x.x.x

URL: https://x.x.x.x/redfish/v1/Managers/1/SecurityService/HttpsCert/Actions/HpeHttpsCert.ImportCertificate/

ContentType: application/json

Response: {"error":{"code":"iLO.0.10.ExtendedInfo","message":"See @Message.ExtendedInfo for more information.","@Message.ExtendedInfo":[{"MessageId":"iLO.2.4.ImportCertif

icateFailed"}]}}

 

0 Kudos
Reply
5 REPLIES 5
MV3
HPE Pro

тАО01-02-2019 12:59 AM

тАО01-02-2019 12:59 AM

Re: Import-HPEiLOCertificate ERROR without details

Hi,

Please raise a support ticket with HPE, Looks like this need an investigation.

Cheers.

 

I work for HPE.

I am an HPE employee.
[Any personal opinions expressed are mine, and not official statements on behalf of Hewlett Packard Enterprise]
Accept or Kudo
0 Kudos
Reply
GokulKS
HPE Pro

тАО01-02-2019 02:32 AM

тАО01-02-2019 02:32 AM

Re: Import-HPEiLOCertificate ERROR without details

Hi,

I have few questions based on your script command you posted.

1) Why are you using -OutputType RawResponse ? If its for troubleshooting then fine otherwise don't use as it will not hit the iLO server it just gives the json response data.

2) Did you use -raw option when reading the certificate file content for $ILOCERTFileName. If not please use it in your get-conent command otherwise it may not work. I assume you have the certificate file content stored in the $ILOCERTFileName variable.

Please check these and come back with your results.

Thanks,

Gokul


I am a HPE Employee

Accept or Kudo

Reply
UnicefTacro
Occasional Advisor

тАО01-03-2019 11:59 AM - edited тАО01-03-2019 12:06 PM

тАО01-03-2019 11:59 AM - edited тАО01-03-2019 12:06 PM

Re: Import-HPEiLOCertificate ERROR without details

Thanks,

2. About the variable - it didnt occur to me that the cmdlet was expecting actual cert content instead of a filename, I'll try that!

1. 'rawresponse' I put afterwards just hoping to get more info on the 2nd or 3rd attempt.

0 Kudos
Reply
Adis_S
Advisor

тАО01-17-2019 02:00 AM

тАО01-17-2019 02:00 AM

Re: Import-HPEiLOCertificate ERROR without details

I have this also and was reported Import-HPEiLOCertificate Status ERROR

Also in that link is output when using -OutputType RawResponse and RawRequest

Import-HPEiLOCertificate -Connection $connection -Certificate $cert1 -OutputType RawResponse -Verbose
Import-HPEiLOCertificate -Connection $connection -Certificate $cert1 -OutputType RawRequest -Verbose
0 Kudos
Reply
Adis_S
Advisor

тАО01-31-2019 03:36 AM

тАО01-31-2019 03:36 AM

Re: Import-HPEiLOCertificate ERROR without details

In our case it seems our Certificate are "big" length over 3052, and iLO3/iLO4/iLO5 supports up to 3KB (User Guide), and also we have Windows EOL in our certificate file (CR+LF). You can for example use Notepad++ to convert to UNIX (LF) [Notepad++ | Edit | EOL Conversion | Unix (LF) ] or below PowerShell cmdlets (credits HPE) to do it with powershell, after that we were able to import Certificate to iLO5 (over redfish) but not on iLO4 (Gen8/Gen9 servers)

Please note it will override the original file so make a copy.

$path = "<C:\Temp\somecert.cer>"
(Get-Content $path -Raw).Replace("`r`n","`n").Trim()| Set-Content $path -Force -NoNewline
0 Kudos
Reply
The opinions expressed above are the personal opinions of the authors, not of Hewlett Packard Enterprise. By using this site, you accept the Terms of Use and Rules of Participation.