ProLiant Servers (ML,DL,SL)
Showing results for 
Search instead for 
Did you mean: 

iLO certifcate Subject Alternative Name no longer generated

Go to solution
Honored Contributor

iLO certifcate Subject Alternative Name no longer generated


In the past when I generated a CSR from an iLO, it would include the HOSTNAME as a subject alternative name for the certificate (non-FQDN format).  So if my server is SERVERX and my domain is MYDOMAIN.COM, it would generate a CSR with these names:


Howerver, this is no longer the case.  Being the lazy admin that I am , I usually just connect to the iLO via the hostname instead of the FQDN.  In the past, this was fine since the hostname was in the Subject Alternative Name - but this is now broken and I get a CERT error when I connect not using the FQDN.

Did something change with the ILO firmware that makes is so this is no longer being generated?  I am using an iLO 4 with 2.22 and 2.20 (ProLiant Gen9) - I have not tried the lasted firmware yet (which I think is 2.30).  I am pretty sure nothing changed with our CA - but I am not a expert in this area, so I really dont know for sure.  I am using the template I have used for years from our CA.



Honored Contributor

Re: iLO certifcate Subject Alternative Name no longer generated

I finally found a solution for this - at least as long as you are using a Microsoft AD CA server.  I had to use the "Additional Attributes" field in the certificate request form.  So create the custom certficate request in the iLO as normal - it will generate a CSR using the FQDN of the iLO.  Then when submitting that request to CA, add the following to the attributes field:


Where IPADDRESS is the IP address of the iLO and ILONAME is the non-FQDN name of the iLO in DNS.  For example if your iLO is MYSERVERILO using IP address of and the FQDN is, you will get a certifcate with the Subject name of (which comes from the iLO):

and Subject Alternative Names of: and MYSERVERILO

So all three names will work without a certifcate error.

Hope this helps others.