HPE Community
Server Management - Systems Insight Manager
1829466 Members
1710 Online
109991 Solutions
New Discussion

SSL Certificates on Systems Management Page

 
Brian Whitcomb
Occasional Advisor

‎06-08-2005 11:01 AM - last edited on ‎12-27-2012 06:34 PM by

‎06-08-2005 11:01 AM - last edited on ‎12-27-2012 06:34 PM by

SSL Certificates on Systems Management Page

I have an issue that I imagine is not unique. I am trying to issue certificates for the Systems Management Homepage, but when I generate the request,It only uses the short name for the certificate. I want to use the FQDN to access the server so therefore I want the request to have the FQDN. How do I set the system name so that the request will have the FQDN?

I hope that makes sense... if not, lemme know.

 

 

P.S. This thread has been moved from ITRC server mgmt (Insight Manager 7) Forum to ITRC HP Systems Insight Manager Forum - HP Forums Moderator

0 Kudos
Reply
7 REPLIES 7
Pete Bobco
New Member

‎06-09-2005 04:29 AM

‎06-09-2005 04:29 AM

Re: SSL Certificates on Systems Management Page

I am assuming that you are trying to use the System Management Homepage (SMH) UI to create a Certificate Request (PKCS #10) and would like to have the ability to change the "CN" (Computer Name) sub-field in the certificate's "Subject" field so it would contain the FQDN rather that the short name of the computer.

Currently, SMH does not allow editing the Subject's CN sub-field. If there is enough customer interest, that could be something that we could consider adding for a future release.
0 Kudos
Reply
Ben_195
Occasional Advisor

‎06-24-2005 08:06 AM

‎06-24-2005 08:06 AM

Re: SSL Certificates on Systems Management Page

On a similar but somewhat different note, I've used ghost and sysprep to create a Windows 2003 image for my ml370s and dl370s. The image included the 7.30a support pack installed. The System Management Homepage shows the new server name and works fine, except that the ssl certificate is the same as the original ghosted server. How can I can I get the Systems Management Page's certificate re-created, or re-signed with the correct server name (or at least a unique certificate) ? Obviously, I would like unique certificates to import into Systems Insight Manager (I'm using trust-by-certificiate).

Any pointers would be appreciate,

Ben
0 Kudos
Reply
Pete Bobco
New Member

‎06-24-2005 09:08 AM

‎06-24-2005 09:08 AM

Re: SSL Certificates on Systems Management Page

Ben,
The System Management Homepage (SMH)service keeps its server certificate in the \hp\sslshare folder. There are two basic cases here.
One is that your original server has a self-signed certificate (i.e. one that SMH automatically created the first time you ran the service). The other case would be that the orig server got his certificate via a PKCS#10 certificate request and the response was later imported in. If you have the 'self-signed' cert case, then you can simply rename your file.pem and cert.pem files in the 'cloned' server's \hp\sslshare folder to *.bak. Then you need to stop and start the System Management Homepage service, and SMH will create a unique certificate/key pair when it comes up. If you have the 'PKCS#10' case, then you would need to do the same steps as you did for the first case and then use the SMH UI to recreate the PKCS#10 requests, get them fulfilled, and import them via the SMH UI.

Pete
0 Kudos
Reply
Ben_195
Occasional Advisor

‎06-27-2005 06:23 AM

‎06-27-2005 06:23 AM

Re: SSL Certificates on Systems Management Page

Thanks Pete, that was just the information I was missing.
0 Kudos
Reply
Ben_195
Occasional Advisor

‎06-27-2005 08:36 AM

‎06-27-2005 08:36 AM

Re: SSL Certificates on Systems Management Page

This may be more of a System Insight Manager question, and I can post it in that forum also, if need be. Generating the new certificates that way worked, and I've imported them into System Insight Manager with no problem. But, there seems to be some other identification that System Insight Manager uses besides certificates and the name of the server to identify other servers. I'm guessing this because when I add any of these ghosted (and syspreped by the way) servers to SIM 4.2 SP2, I see them briefly, then they're gone, almost as if SIM detects a duplicate and deletes it. Is there some other guid or identifier that I must re-generate, or should I just give it up and re-install the support pack on all of these?

Thanks,
Ben
0 Kudos
Reply
Gladiator
Valued Contributor

‎02-19-2007 11:19 PM

‎02-19-2007 11:19 PM

Re: SSL Certificates on Systems Management Page

Right now there is no way to use the FQDN in HPSMH. Due to constant customer requirement we are going to implement this in our next release.
0 Kudos
Reply
Roel Teuwen
Occasional Visitor

‎06-06-2007 02:39 AM

‎06-06-2007 02:39 AM

Re: SSL Certificates on Systems Management Page

Any word on a version that fixes this ?

I'm having the same issue when generating CSR from any iLO console, btw
0 Kudos
Reply
The opinions expressed above are the personal opinions of the authors, not of Hewlett Packard Enterprise. By using this site, you accept the Terms of Use and Rules of Participation.