Re: Expired Certificate Revocation Lists (CRL's)

ServerParrott · ‎06-06-2018

Oneview (4.00.09) is reporting that my in date CRL's are expired.

Yet more certificate woes with OneView or is there an easy fix for this?

(Also, any update on admins being able to clear locked alerts? Was hoping this would have been addressed in the .09 release.)

ChrisLynch · ‎06-09-2018

The 4.00.09 patch only addressed certain certificate expiration alerts. CRL management today needs to be performed via the UI, or you can automate it with the API.

I work at HPE
[Any personal opinions expressed are mine, and not official statements on behalf of Hewlett Packard Enterprise]

Lionel_Jullien · ‎07-12-2018

The following PowerShell script can automate the process using the OneView REST API:

https://github.com/jullienl/HPE-Synergy-OneView-demos/blob/master/Powershell/OneView/Update%20all%20existing%20OneView%20CRLs.ps1

YYCSysAdmin · ‎01-14-2019

Noted in that code

The 4.10 library will natively provide cmdlets to update the OneView CRLs

How do we go about doing this in 4.10 ?

Lionel_Jullien · ‎01-31-2019

In 4.10 library, you just need to use the new cmdlet Update-HPOVApplianceTrustedAuthorityCrl

help Update-HPOVApplianceTrustedAuthorityCrl -Examples


Get-HPOVApplianceTrustedCertificate -CertificateAuthoritiesOnly -Name "DigiCert Global CA G2" | Update-HPOVApplianceTrustedAuthorityCrl -Path C:\Directory\CA-updated.crl

Anonymous · ‎02-03-2019

When using the 'Get' and 'Update' combination we get the following error: 'Exception calling "GetProxy" with "1" argument(s): "This operation is not supported for a relative URI."'

ChrisLynch · ‎02-04-2019

@Anonymousplease submit an issue on the project tracker.

I work at HPE
[Any personal opinions expressed are mine, and not official statements on behalf of Hewlett Packard Enterprise]

Categories

Company

Local Language

Forums

Discussions

Forums

Discussions

Forums

Discussions

Forums

Discussions

Forums

Discussions

Discussions

Forums

Forums

Discussions

Forums

Discussions

Forums

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Community

Resources

Other HPE Sites

Discussions

Forums

Blogs

Re: Expired Certificate Revocation Lists (CRL's)

Expired Certificate Revocation Lists (CRL's)