Server Management - Remote Server Management
1748194 Members
4491 Online
108759 Solutions
New Discussion юеВ

Re: ILO FQDN Certificate

 
SOLVED
Go to solution
R9Y
New Member

ILO FQDN Certificate

Does anyone know when ILO will support certifcate generation using FQDN's instead of just ilo name?

Whether or not it will be possible to import key and cert to get around the issue?
7 REPLIES 7
Raghuarch
Honored Contributor

Re: ILO FQDN Certificate

I don't think iLO Supports FQDN's.
Piet de Bekker
New Member
Solution

Re: ILO FQDN Certificate

If you install HPONCFG the HP online ILO configuration utility on the server you can assign the FQDN to the ilo.

After that a cert request can be made trough the ILO web interface
Matthias Eble
Occasional Advisor

Re: ILO FQDN Certificate

Piet, is hponcfg mandatory to get FQDNs into the csr?
Armand Puts
New Member

Re: ILO FQDN Certificate

Anyone a solution for this problem? I'm using ILO and ILO2. They both refuse to use the FQDN when requesting a certificate.

ILO knows that is has been assigned "ilo.local" from the dnsserver but it doesnt use servername.ilo.local to request the certificate.... :(
R9Y
New Member

Re: ILO FQDN Certificate

Hi Armand,

Piet De Bekker's answer has so far been the only solution.

So install the HPONCFG tool into the host server os. You can then set the ilo name to a FQDN name (which it would not allow you to do via the iLO web interface). Then when you generate a csr it will use the FQDN of the iLO, allowing the certificate to be issued using the full address.

I have only tested this on iLO2's on 1.61 and 1.7 firmware.

Jamie
Matthias Eble
Occasional Advisor

Re: ILO FQDN Certificate

Well I think while this fixes the CSR problem, it might (dunno) break other stuff:

Ilo Help claims:
iLO 2 Subsystem Name:
This represents the DNS name of the iLO 2 subsystem. For example, "ilo" in "ilo.hp.com".

There is also a Domainname field (For example, "hp.com" in "ilo.hp.com".)

Thus correct ILO behaviour would send requests like ilo.hp.com.hp.com.

To me the CSR Problem (no FQDN in there) is an obvious bug but maybe ITRC isn't the right place to post?
Kosta Velikov
New Member

Re: ILO FQDN Certificate

Sure, for people using Windows, hponcfg is an option.

What about machines running ESX, Linux, Unix?