Remote Lights-Out Mgmt (iLO 2, iLO, RILOE II)
cancel
Showing results for 
Search instead for 
Did you mean: 

Precision on certificates

MLabiche
Occasional Contributor

Precision on certificates

We are currently in the procees ton in^tegrate Ilo Security in a AD infrastructure

It is clear that we need to install certificates on Domain Controleurs in norder for then to support LDAPS protocol with is required for the Domain Controler and ILO card to communicate. What is not clear is the following : Do we have to install certicates also on the each Ilo card ? This is 2priority one" question ;-)

What is confusing that in the usr guide documentation, it is recommanded to install a Enterprise CA and then Configure the whole Domain (using the Domain Policy) for automatic certificate enrollement. This Way all domain controlers should get automatic Certificate (Right ? wouldn't it be instead Domain controler policy ?). Also as a matter of demonstration Certicates on the domain controlers can be installed "manualy" avoiding the CA Installation steps if we aleady have Third party Cert Architecture ?

Fianally what about ILO cards since they are not part of the domain and thus not getting certificates automaticaly ?

Many Thanks for your anwsers


Best Regards
3 REPLIES
barnett chan
Trusted Contributor

Re: Precision on certificates

The Enterprise CA is installed on your Directory and you don't install Certificates to the iLO, but iLO needs to configure for the correct directory settings.
acartes
Honored Contributor

Re: Precision on certificates

>> Do we have to install certicates [on each iLO]?

No, it is not necessary to install a certificate in iLO. For directory integration to use SLDAP (LDAP over SSL), the DC needs the certificate; iLO already has one.
MLabiche
Occasional Contributor

Re: Precision on certificates

Correct : After the test the certificate is only mandatory on the DC
Also you can install the certificate manualy with out configuring specific GPO.

Thanks to all

Best regards