BladeSystem - General
cancel
Showing results for 
Search instead for 
Did you mean: 

Onboard Administrator Certificate Issue

 
Highlighted
Advisor

Onboard Administrator Certificate Issue

Hello, We have an Enterprise CA on our network. I am working in the Onboard Admin interface for our c7000 enclosure trying to generate a certificate request so I can install an SSL cert from our internal CA.

I follow all the steps by generating the request, pasting the request to the CA, then pasting the contents of the generated cert back to the "Certificate Upload" tab in OA. After that I get this error - "The certificate could not be verified". On the information tab now I have "Error reading the certificate". In addition, the System Log shows "Wrong file permissions detected. Please reset to factory defaults", and "server.crt has wrong file permissions".

Will someone help to clarify this for me? Why am I getting these errors, and how do I fix it?

Regards,
Justin
18 REPLIES 18
Highlighted
Honored Contributor

Re: Onboard Administrator Certificate Issue

Hi Justin,

Did you select the Web server (Certificate Template) when you generate a certificate from the CA.

Regards,
Raghuarch
Highlighted
Advisor

Re: Onboard Administrator Certificate Issue

Yes, I chose the Web Server certificate. It was worked 50+ times for all of my iLO ports recently. The OA is not cooperating though.
Highlighted
Honored Contributor

Re: Onboard Administrator Certificate Issue

Justin,

What OA version r u using?

Please find the latest 2.10 in below link. update if you are running a lower version.
http://h20000.www2.hp.com/bizsupport/TechSupport/SoftwareDescription.jsp?lang=en&cc=us&swItem=MTX-24b81875234f43f998d3b8afcb&jumpid=reg_R1002_USEN

Regards,
Raghuarch
Highlighted
Advisor

Re: Onboard Administrator Certificate Issue

Thanks for the link, and for your responses so far. I was running 2.01 and just upgraded it to 2.10. No change in behavior.

Suppose the URL for OA is http://OaName. On the certificate request tab, I would type OaName in the Common Name field, correct?

ARGH!
Highlighted
Honored Contributor

Re: Onboard Administrator Certificate Issue

Yes. you are right about the Common Name.



Highlighted
Honored Contributor

Re: Onboard Administrator Certificate Issue

Justin,

I think you may need to do a factory reset.
Make sure you save all the configuration file before you do a factory reset.
It will be under Configuration Scripts.

Regards,
Raghuarch

Highlighted
Advisor

Re: Onboard Administrator Certificate Issue

Well, that's what the log says to do, I was just hoping it wasn't true. I'll investigate that option and report back.
Justin
Highlighted
Honored Contributor

Re: Onboard Administrator Certificate Issue

Hey i just did that myself today and found a "feature" you can't upload a working cert to the active Onboard Administrator card. Upload the certificate to the standby OA-card and then switch over and repeate the previous steps..

Try Copy/paste the certificate into the text field and then press upload..

And also the cert must be in X.500/base64
Highlighted
New Member

Re: Onboard Administrator Certificate Issue

What happens if there is no Standby. How do you upload then?