Re: Oneview ILO Certificate problem becoming a real pain....

T_1_6 · ‎11-05-2021

We seem to constantly get this:-

Unable to establish trusted communication with the server. The iLO certificate does not have any IP address or host name specified.

1) ILO Certs are all valid, current, not expired, generated by our on-prem PKI

2) ILO Certs all have Subject alternative name, and common name

3) Oneview Appliance has the root cert, and two intermediary server certs in the trust store

As soon as you refresh, and enter the account for the ilO all is perfect again, until the next time of course.
Any idea what could be going on? This is driving me insane!

Our Oneview is 6.1.

THE ONLY thing we do not have is IP addresses tied into our certs, could this be a Oneview bug whereby even though the message says "no valid ip or hostname specified" that it is actually still looking for an IP in the cert? If this was the case how come it connects and refreshes perfectly?
I am lost on this one, any help would be very much appreciated.

techin · ‎11-07-2021

Unusual issue. Hope someone can assist you

derick_souza · ‎11-09-2021

1)Verify if the server ILO IP is pinging from Oneview(Login to OneView>>settings >>networking >>under actions --Ping ILO IP address)

2)If the ILO IP is not pinging and getting error FQDN failed and then check the DNS configuration and correct the same

3)If the ILO IP is pinging from OV, try to add the server by using the ILO IP address instead of the hostname.

4)Add ILO self-signed certificate into OneView trust store(Go to Oneview > Setting > Security>Certificates > Manage Certificates >Add Certificate>select-Fetch from IP address and hostname, type in the IP address of the server> >make sure to select the Force trust leaf certificate check box>>>Then validate and Trust the certificate. This ensures the leaf level certificate is fetched >then select ADD.)

5)Once the above steps are done, Add the server hardware in OneView by using the ILO IP address or host name

AmRa · ‎11-09-2021

Have you checked by resetting iLO from iLO web console?

Procedure to Rebooting (Resetting) the iLO processor with the web interface

1. Click Information in the navigation tree, and then click the Diagnostics tab.

2. Click Reset..

3. When prompted to confirm the request, click OK.

4. iLO resets and closes the user's browser connection.

5. Wait for sometime (30-40 sec) and later check the status.

I am an HPE Employee.
[Any personal opinions expressed are mine, and not official statements on behalf of Hewlett Packard Enterprise]

Categories

Company

Local Language

Forums

Discussions

Forums

Discussions

Forums

Discussions

Forums

Discussions

Forums

Discussions

Discussions

Forums

Forums

Discussions

Forums

Discussions

Forums

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Community

Resources

Other HPE Sites

Discussions

Forums

Blogs

Re: Oneview ILO Certificate problem becoming a real pain....

Oneview ILO Certificate problem becoming a real pain....