Remote Lights-Out Mgmt (iLO 2, iLO, RILOE II) Forum
cancel

Here's a good one

Highlighted
Ed Cox
Outstanding Contributor.

Here's a good one

Hola,
Situation is this:
Customer has a BOATLOAD of BL20p blades with iLOs. He wants to be able to connect to any of the iLOs without being prompted for the Security Warning that you get the first time you hit the iLO through IE.
I doubt these iLOs will be pulled into AD.
So...
With IE Security>Trusted Sites, you can put in wildcards (i.e. https://hp.com/* or https://*.compaq.com). I was thinking of something like https://ilo*.domainname.com, however by default the iLOs don't have FQDNs.
Just their DNS name...
I don't have access to my iLOs this week so I was curious if anyone might know of a workaround for this situation. Using a 3rd party CA and then having to import thousands of certs is probably not an option.
Thanks!
Ed
3 REPLIES
David Claypool
Acclaimed Contributor.

Re: Here's a good one

Sorry. Since they're self-signing, each instance has a unique certificate. Because of that, you can't add a particular certification authority to trust globally.
acartes
Acclaimed Contributor.

Re: Here's a good one

Importing certificates is the right way to solve this problem. Unfortunately, at this time, this can't be automated.

The good news is that work is underway to automate this process using RIBCL- you can get the certificate request via RIBCL and install the certificate via RIBCL. This would enable automated certificate roll-out. Look for this feature in an upcoming firmware release this fall.
Ed Cox
Outstanding Contributor.

Re: Here's a good one

Thank you...I'll pass that along.