Remote Lights-Out Mgmt (iLO 2, iLO, RILOE II) Forum
Showing results for 
Search instead for 
Do you mean 

ILO Certificate Question

Occasional Contributor

ILO Certificate Question

Hello – I am a new member, and I appreciate any advice anyone can give me about ILO. I am going to be rolling out ILO (not advanced) to about 600 servers shortly, and I do not understand about the certificate aspect of ILO. I understand SSL certificates in general and have deployed many through IIS, but I don’t see what place they have in ILO.

For example, does each server need a certificate, and should an internal CA be used? I will have a dedicated ILO server on a dedicated network, and that server will provide DHCP and DNS, and it could also be an internal CA if needed. But overall the problem is that I don’t see what the certificate would verify, since each server does not have a URL.

The ILO network will be all internal and not routed – it will only be accessed by engineers through this dedicated server via terminal services.
2 REPLIES
Honored Contributor

Re: ILO Certificate Question

I suggest you consult the iLO Security whitepaper here:
http://h20000.www2.hp.com/bizsupport/TechSupport/DocumentIndex.jsp?contentType=SupportManual〈=en&cc=us&docIndexId=179111&taskId=101&prodTypeId=18964&prodSeriesId=397989

In regard to certificates: they are used in all secure socket layer (SSL) connections over the network (the padlock in the browser). Certs are exchanged between the browser and iLO to establish encrypted communication.

Certificates are also used for other purposes.

However, iLO processors generate their own "self-signed" certificates so you are not required to deploy a certificate authority unless you intend on importing your certificates to iLO.
Occasional Contributor

Re: ILO Certificate Question

Thanks for the information - I am reading the Security white paper now.