- Community Home
- >
- Servers and Operating Systems
- >
- HPE ProLiant
- >
- Server Management - Remote Server Management
- >
- Re: ILo and Active Directory. SSL-Certificate-Prob...
Categories
Company
Local Language
Forums
Discussions
Forums
- Data Protection and Retention
- Entry Storage Systems
- Legacy
- Midrange and Enterprise Storage
- Storage Networking
- HPE Nimble Storage
Discussions
Discussions
Discussions
Forums
Forums
Discussions
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
- BladeSystem Infrastructure and Application Solutions
- Appliance Servers
- Alpha Servers
- BackOffice Products
- Internet Products
- HPE 9000 and HPE e3000 Servers
- Networking
- Netservers
- Secure OS Software for Linux
- Server Management (Insight Manager 7)
- Windows Server 2003
- Operating System - Tru64 Unix
- ProLiant Deployment and Provisioning
- Linux-Based Community / Regional
- Microsoft System Center Integration
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Community
Resources
Forums
Blogs
- Subscribe to RSS Feed
- Mark Topic as New
- Mark Topic as Read
- Float this Topic for Current User
- Bookmark
- Subscribe
- Printer Friendly Page
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО07-27-2006 07:53 PM
тАО07-27-2006 07:53 PM
ILo and Active Directory. SSL-Certificate-Problem
I've got a problem in getting my ILO-Boards up and running with AD.
I'm using the HP-Schema and a valid SSL-Certifiacte on my DC (Tested with MS LDP and Internet-Explorer). When I run the "Connection Test" on an ILO-Board the test isn't successfull. The Error-Message is:
"Warning: certificate does not match Directory Server Address
The certificate IS valid. By the way it's from my own CA (Windows 2003 SP1) which is trusted by the ILO and the DC.
Hopefully anyone can help.
Regrads,
Philipp
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО02-05-2007 02:27 AM
тАО02-05-2007 02:27 AM
Re: ILo and Active Directory. SSL-Certificate-Problem
I have a similar issue - Did you ever get an answer
Steve
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО02-05-2007 05:18 PM
тАО02-05-2007 05:18 PM
Re: ILo and Active Directory. SSL-Certificate-Problem
No nobody answered to this issue.
I'm still using iLo with local user accounts.
Maybe it's possible with iLo2?
Regards,
Philipp
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО02-05-2007 08:39 PM
тАО02-05-2007 08:39 PM
Re: ILo and Active Directory. SSL-Certificate-Problem
Thanks for the reply - Even with the error I can still use AD accounts, did you give up when the test failed? (I did, but I was told to ignore this failure)
I think the reason the test fails is because the certificate on the DC (You need one on the DC) is issued to the FQDN of the the DC (in my case) but the certificate on the iLO is issued with out the FQDN as I cant find a way to change the CSR to use the FQDN
Regards
Steve
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО02-05-2007 09:06 PM
тАО02-05-2007 09:06 PM
Re: ILo and Active Directory. SSL-Certificate-Problem
I've given up on this issue.
The FQDN-Thought is true. I saw the same thing. In contrast to you my iLO-Boards and my DC have a certificate that are valid for the FQDN. Only the iLO itself checks for the hostname alone, I think.
Regards,
Philipp
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО02-07-2007 08:59 AM
тАО02-07-2007 08:59 AM
Re: ILo and Active Directory. SSL-Certificate-Problem
For example, if the configured directory name is "ADS1" and the certificate subject is "CN=ads1.corp.net" then this test passes.
Conversely, if the configured directory server name is "ads1.corp.net" and the certificate subject is "CN=ads1" then a warning is generated.
Likewise, if the directory server is configured using IP address, it is unlikely that the cert subject matches.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО08-10-2009 10:08 AM
тАО08-10-2009 10:08 AM
Re: ILo and Active Directory. SSL-Certificate-Problem
-Request a new Cert
-Advanced Cert
-From PKCS#10
-Paste in the CSR from the iLO config
-Template: Web Server, Server Auth, or if you know what you're doing you can create a custom template.
-Additional Attributes: "san:dns=[iLO name]&dns=[fqdn]" (ie "san:dns=server1&dns=server1.example.com").
-Submit, approve, etc. Get the cert from the server, open it with Notepad, copy and paste into iLO. Reboot iLO.
I'm still working on how to do with with OpenSSL (for the non-Windows world).
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО08-10-2009 10:13 AM
тАО08-10-2009 10:13 AM
Re: ILo and Active Directory. SSL-Certificate-Problem
certutil -setreg policy\EditFlags +EDITF_ATTRIBUTESUBJECTALTNAME2
net stop certsvc
net start certsvc