HPE OneView
cancel
Showing results for 
Search instead for 
Did you mean: 

Self-signed certificate Error after Upgrade OneView 4.0

 
Highlighted
Advisor

Re: Self-signed certificate Error after Upgrade OneView 4.0

Hi Chris,

When try the remove command, i will get the yes/no question and after that it fails with "The operation has timed out"

any idea why that happens?

 

Highlighted
New Member

Re: Self-signed certificate Error after Upgrade OneView 4.0

# Remove the SCMB certificate from the connected appliance
Remove-HPOVScmbCertificate

# Recreate and retrieve the certs
Get-HPOVScmbCertificate

 There was a spelling mistake

Get-HPOVScmbCertificates     is correct (Forgot the S) for syntax 

and the original Remove Commandlet is correct 

Highlighted
New Member

Re: Self-signed certificate Error after Upgrade OneView 4.0

@Mainecoon  you need to reply with  "Y" 

Highlighted
Advisor

Re: Self-signed certificate Error after Upgrade OneView 4.0

Eh yeah that is clear, it happens afterwards so during the removal process after the y
Highlighted
Advisor

Re: Self-signed certificate Error after Upgrade OneView 4.0

Please see attachement to make it more clear

Highlighted
New Member

Re: Self-signed certificate Error after Upgrade OneView 4.0

Hi Chris,

when i try to execute connect-HPOVMgmt in powershell library 3.10 and appliance version is 4.00.0703300556.

Connect-HPOVMgmt : The underlying connection was closed: Could not establish
trust relationship for the SSL/TLS secure channel.
At line:1 char:1
+ Connect-HPOVMgmt
+ ~~~~~~~~~~~~~~~~
+ CategoryInfo : NotSpecified: (:) [Connect-HPOVMgmt], WebExcepti
on
+ FullyQualifiedErrorId : WebException,Connect-HPOVMgmt

we also upgraded HPOneView appliance from previous version to 4.00.0703300556

i am not able to connect to appliance itself in this case how can i execute the below commands ?

# Remove the SCMB certificate from the connected appliance
Remove-HPOVScmbCertificate

# Recreate and retrieve the certs
Get-HPOVScmbCertificate
Highlighted
HPE Pro

Re: Self-signed certificate Error after Upgrade OneView 4.0

Please update the PowerShell library to the 4.00 release.  The 3.10 library is not supported any longer.

Typically, this happens when the certificate Common Name or Subject Alternative Names do not match the -Hostname parameter.  Or, the CA signed cert issuer isn't trusted on the PC.


I am an HPE employee

Accept or Kudo

Highlighted
Advisor

Re: Self-signed certificate Error after Upgrade OneView 4.0

Dear Chris,

I am having the same problem here.

Is it possible to use your powershell commands under linux? I don't have a windows machine in the oneview network.

Maybe you have the rest api calls somewhere?

Thanks in advance

Timo

Highlighted
HPE Pro

Re: Self-signed certificate Error after Upgrade OneView 4.0

The HPE OneView 5.00 library is based on .Net Standard 2.0, which means that you can install PowerShellCore on a support Linux OS.  However, do know that this version of the OneView PowerShell library does not support older versions of OneView.  Only 5.00 and newer.

If that is not an option, or you have not upgraded OneView to 5.00, then I would suggest you use our Python SDK.

If that still is not an option, then you can get the current REST API documentation from your appliance, by clicking the ? icon in the upper right of the main UI, then click on the REST API Reference link.  You will want to navigate to Security then Appliance Certificates.  To regenerate a new self signed certificate, you need to use the PUT /rest/certificates/https API call.


I am an HPE employee

Accept or Kudo

Highlighted
Advisor

Re: Self-signed certificate Error after Upgrade OneView 4.0

Dear Chris,

thank you for your fast reply. I managed to put up a windows vm in our oneview network. I installed this:

https://github.com/HewlettPackard/POSH-HPOneView/releases/tag/v4.0.1554.2229

 

and ran the first command that someone mentioned

Remove-HPOVScmbCertificate

But I get an error that skripting is not allowed on that machine. 

 

As of what the version of oneview is concerned. I am in the progress of getting to oneview 5.x. 4.00.007 is only an intermediate step. So I am not bound to the 4.00 version. I just thought it would be better to first get rid of any error message before I continue with the upgrade steps. Would it be safe to ignore that error and continue?

Cheers and have nice day,

Timo