HPE Community
Server Management - Remote Server Management
1753808 Members
8251 Online
108805 Solutions
New Discussion

Re: ILO Certificate with both FQDN and Host Name

 
Peter J West
Frequent Advisor

‎09-29-2017 08:17 AM

‎09-29-2017 08:17 AM

ILO Certificate with both FQDN and Host Name

Hi,

We're in the process of assigning new certificates to our ILO's from our own internal PKI setup.

All seems to work ok but the scripted solution i'm using seems to only assign the FQDN as the subject of the new certificate; the upshot of this is that if we connect to the Server using just the host name then we get a certificate warning.

Is there any way to have the certificate also include just the host name as part of the SubjectAlternateName?

Or is it deemed that the administrator should always use the FQDN when connecting so they can be 100% sure which host they are connecting to?

Thanks in advance with any help on this.

Pete

0 Kudos
Reply
1 REPLY 1
NJK-Work
Honored Contributor

‎11-06-2017 11:22 AM

‎11-06-2017 11:22 AM

Re: ILO Certificate with both FQDN and Host Name

If you are using certreq.exe to submit the request to your CA, you can include the SAN in the request.  I use this in a PowerShell script:

-attrib "san:dns=$ServerILOIPAddress&dns=$ServerILOName&dns=$ServerILOName.FQDN.COM"

Where earlier in your script you set the variable for the iLO name, the IP of the ILO and then FQDN.COM is your domain name such as BobsGarage.com

Or any combination of SANs you want.

NK

0 Kudos
Reply
The opinions expressed above are the personal opinions of the authors, not of Hewlett Packard Enterprise. By using this site, you accept the Terms of Use and Rules of Participation.