Web and Unmanaged
cancel
Showing results for 
Search instead for 
Did you mean: 

HP 1920-48G Switch : Self-signed certificate ?

src386
Occasional Collector

HP 1920-48G Switch : Self-signed certificate ?

Hi everyone,

Is it possible to generate a Self-signed certificate on a HP 1920-48G Switch ?

I had a look at the PKI entitiy + domain stuff but it looks overcomplicated for a local usage and I cannot create a certificate because it needs a "certificate url".

Thanks.

 

3 REPLIES
Spicoli
Occasional Visitor

Re: HP 1920-48G Switch : Self-signed certificate ?

Crickets....

I was hoping for an answer to this also.

Dunky
Regular Advisor

Re: HP 1920-48G Switch : Self-signed certificate ?

Does this help?

public-key local create rsa

 

If so, look at the section headed "Submitting a Certificate Request in Manual Mode" on this URL>  http://gold.nvc.co.jp/supports/h3c/technical/manual/h3c_series/s5120/H3C%20S5120-SI/S5120-SI%20Operation%20R1101-6W101.pdf

JustBill
Occasional Visitor

Re: HP 1920-48G Switch : Self-signed certificate ?

I too have been wanting this.  I see no way to do this and have followed multiple instructins for other HP switches.  I've used all other types and models of HP switches and have not had this issue with any other.  

Here are the instructions on how to get the secret CLI. 

<HP 1920G Switch> _cmdline-mode on
All commands can be displayed and executed. Continue? [Y/N] Y

↓↓↓↓↓↓↓↓ Default password is below, ↓↓↓↓↓↓↓↓
Please input password: Jinhua1920unauthorized
y wrong use, please carefully use it with our engineer's direction.

This command in particulare to generate a Self Signed Cert does not exist for the 1920-24G or 1920-48G

crypto key generate cert 1024

http://h22208.www2.hpe.com/eginfolib/networking/docs/switches/RA/15-18/5998-8151_ra_2620_asg/content/ch09s05.html

Tried following the below instruction set which was for the 1910 series.  This looks almost exactly like the menus in the 1920s.

https://support.hpe.com/hpsc/doc/public/display?docId=emr_na-c02898287

They also did not work as the hex fingerprint in step 7 does not allow it to be empty to finish the step.

In the end I'm extremely dissapointed with this switch for this very reason.  Our switch was bought for a small business who would prefer to use the web gui as opposed to the SSH which seems to be the only way to manage these secuerly at this point.  The 1810, 1820, 1910, and 3800 series which I've worked with all have the ability to do self signed certs.

HP Please fix this ASAP.