HPE OneView
1829158 Members
2471 Online
109986 Solutions
New Discussion

Self-signed certificate Error after Upgrade OneView 4.0

 
Schlenkian05
New Member

Re: Self-signed certificate Error after Upgrade OneView 4.0

Hi Chris,

when i try to execute connect-HPOVMgmt in powershell library 3.10 and appliance version is 4.00.0703300556.

Connect-HPOVMgmt : The underlying connection was closed: Could not establish
trust relationship for the SSL/TLS secure channel.
At line:1 char:1
+ Connect-HPOVMgmt
+ ~~~~~~~~~~~~~~~~
+ CategoryInfo : NotSpecified: (:) [Connect-HPOVMgmt], WebExcepti
on
+ FullyQualifiedErrorId : WebException,Connect-HPOVMgmt

we also upgraded HPOneView appliance from previous version to 4.00.0703300556

i am not able to connect to appliance itself in this case how can i execute the below commands ?

# Remove the SCMB certificate from the connected appliance
Remove-HPOVScmbCertificate

# Recreate and retrieve the certs
Get-HPOVScmbCertificate
ChrisLynch
HPE Pro

Re: Self-signed certificate Error after Upgrade OneView 4.0

Please update the PowerShell library to the 4.00 release.  The 3.10 library is not supported any longer.

Typically, this happens when the certificate Common Name or Subject Alternative Names do not match the -Hostname parameter.  Or, the CA signed cert issuer isn't trusted on the PC.

I work at HPE
[Any personal opinions expressed are mine, and not official statements on behalf of Hewlett Packard Enterprise]
Accept or Kudo
tvtue
Advisor

Re: Self-signed certificate Error after Upgrade OneView 4.0

Dear Chris,

I am having the same problem here.

Is it possible to use your powershell commands under linux? I don't have a windows machine in the oneview network.

Maybe you have the rest api calls somewhere?

Thanks in advance

Timo

ChrisLynch
HPE Pro

Re: Self-signed certificate Error after Upgrade OneView 4.0

The HPE OneView 5.00 library is based on .Net Standard 2.0, which means that you can install PowerShellCore on a support Linux OS.  However, do know that this version of the OneView PowerShell library does not support older versions of OneView.  Only 5.00 and newer.

If that is not an option, or you have not upgraded OneView to 5.00, then I would suggest you use our Python SDK.

If that still is not an option, then you can get the current REST API documentation from your appliance, by clicking the ? icon in the upper right of the main UI, then click on the REST API Reference link.  You will want to navigate to Security then Appliance Certificates.  To regenerate a new self signed certificate, you need to use the PUT /rest/certificates/https API call.

I work at HPE
[Any personal opinions expressed are mine, and not official statements on behalf of Hewlett Packard Enterprise]
Accept or Kudo
tvtue
Advisor

Re: Self-signed certificate Error after Upgrade OneView 4.0

Dear Chris,

thank you for your fast reply. I managed to put up a windows vm in our oneview network. I installed this:

https://github.com/HewlettPackard/POSH-HPOneView/releases/tag/v4.0.1554.2229

 

and ran the first command that someone mentioned

Remove-HPOVScmbCertificate

But I get an error that skripting is not allowed on that machine. 

 

As of what the version of oneview is concerned. I am in the progress of getting to oneview 5.x. 4.00.007 is only an intermediate step. So I am not bound to the 4.00 version. I just thought it would be better to first get rid of any error message before I continue with the upgrade steps. Would it be safe to ignore that error and continue?

Cheers and have nice day,

Timo