ProLiant Servers (ML,DL,SL)
Showing results for 
Search instead for 
Did you mean: 

iLO - Secure Socket Layer (SSL) Expired Certificate

Occasional Contributor

iLO - Secure Socket Layer (SSL) Expired Certificate

Have a server being flagged with the following vulnerabiity on my iLO nic:

Secure Socket Layer (SSL) Expired Certificate

Recommendation: Replace the expired certificate with a new, valid certificate.


iLO Software

iLO Firmware: 3 1.82


If downgrade to iLO Firmware: 3 1.80 vulnerability goes away but get flagged for other vulnerabilities cause it's not at the latest version.  Upgrade back up to 3 1.82 and cert does not get updated and is being flagged.


Any ideas/suggestions??



Oscar A. Perez
Honored Contributor

Re: iLO - Secure Socket Layer (SSL) Expired Certificate

You probably still have the iLO default Self-Signed SSL Certificate in place.  


Just like the default Administrator password that comes printed on the Toe-Tag that you problably already changed with your own admin password, users are also supposed to replace the iLO default SSL certificate with a "trusted" SSL Certificate signed by your own Certification Authority as soon as iLO is configured.


Why is this important? Because Self-Signed SSL Certificates make you vulnerable to Man-In-The-Middle attacks.  So, get those self-signed certs replaced as soon as you can.  


If you don't have a Certification Authority in your organization, you need to create a Root CA and also a subordinate CA that will sign the iLO CSRs.


Refer to the iLO user guide for more information about how to import SSL Certificates into iLO.





If you feel this was helpful please click the KUDOS! thumb below!