- Community Home
- >
- Servers and Operating Systems
- >
- HPE ProLiant
- >
- Server Management - Remote Server Management
- >
- Anyway to change the Subject Alternative Name on i...
Categories
Company
Local Language
Forums
Discussions
Forums
- Data Protection and Retention
- Entry Storage Systems
- Legacy
- Midrange and Enterprise Storage
- Storage Networking
- HPE Nimble Storage
Discussions
Discussions
Discussions
Forums
Discussions
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
- BladeSystem Infrastructure and Application Solutions
- Appliance Servers
- Alpha Servers
- BackOffice Products
- Internet Products
- HPE 9000 and HPE e3000 Servers
- Networking
- Netservers
- Secure OS Software for Linux
- Server Management (Insight Manager 7)
- Windows Server 2003
- Operating System - Tru64 Unix
- ProLiant Deployment and Provisioning
- Linux-Based Community / Regional
- Microsoft System Center Integration
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Community
Resources
Forums
Blogs
- Subscribe to RSS Feed
- Mark Topic as New
- Mark Topic as Read
- Float this Topic for Current User
- Bookmark
- Subscribe
- Printer Friendly Page
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
03-29-2017 08:26 AM
03-29-2017 08:26 AM
Re: Anyway to change the Subject Alternative Name on iLo SSL Cert Requests?
Within the next few weeks, we'll release a new iLO4 firmware that will let users choose if they want to include the iLO IP address(es) in the SAN.
__________________________________________________
If you feel this was helpful please click the KUDOS! thumb below!
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
02-22-2023 10:29 AM - edited 02-22-2023 10:30 AM
02-22-2023 10:29 AM - edited 02-22-2023 10:30 AM
Re: Anyway to change the Subject Alternative Name on iLo SSL Cert Requests?
This still doesn't explain how to add the shortname to the SAN list when generating a cert.
I've been playing around with the iLO Powershell cmdlets and as far as I can see the cmdlet only supports the "CN" field using an FQDN.
Is it possible to pass a parameter for the "subjectaltname" field typically used by OpenSSL conf files?
It looks like the field capabilities don not include the ability to specify the subjectaltname, however, iLO must do this when adding the IP option to the SAN list.
We want to add the shortname "server-ilo" to the SAN list, along with the FQDN and the IP.
e.g. here's the edited/redacted output of a:
Get-HPEiLOCertificateSigningRequest -Connection $connection -OutputType RawRequest
The Start-HPEiLOCertificateSigningRequest cmdlet doesn't appear to support anything more than the CN field, no subjectaltname option.
Target: server-ilo.domain.local
URL: https://server-ilo.domain.local/rest/v1/Managers/1/SecurityService/HttpsCert
ContentType: application/json
Response: {"@odata.context":"/redfish/v1/$metadata#Managers/Members/1/SecurityService/HttpsCert$entity","@odata.id":"/redfish/v1/Managers/1/SecurityService/HttpsCert/","@odata.type":"#HpHttpsCert.1.0.0.HpHttpsCert","Actions":{"#HpHttpsCert.GenerateCSR":{"target":"/redfish/v1/Managers/1/SecurityService/HttpsCert/Actions/HpHttpsCert.GenerateCSR/"},"#HpHttpsCert.ImportCertificate":{"target":"/redfish/v1/Managers/1/SecurityService/HttpsCert/Actions/HpHttpsCert.ImportCertificate/"}},"AvailableActions":[{"Action":"GenerateCSR","Capabilities":[{"PropertyName":"City"},{"PropertyName":"CommonName"},{"PropertyName":"Country"},{"PropertyName":"IncludeIP"},{"PropertyName":"OrgName"},{"PropertyName":"OrgUnit"},{"PropertyName":"State"}]},{"Action":"ImportCertificate","Capabilities":[{"PropertyName":"Certificate"}]}],"CertificateSigningRequest":null,"Id":"HttpsCert","Type":"HpHttpsCert.1.0.0","X509CertificateInformation":{"Issuer":"C = GB, O = XXXXX, OU = XXXXXX, CN = XXXXXX","SerialNumber":"XXXXX","Subject":"C = XX, ST = XX, L = XX, O = XX, OU = XX, CN = server-ilo.domain.local","ValidNotAfter":"2026-01-23T10:05:05Z","ValidNotBefore":"2023-01-24T10:05:05Z"},"links":{"self":{"href":"/rest/v1/Managers/1/SecurityService/HttpsCert"}}}
- « Previous
-
- 1
- 2
- Next »