Remote Lights-Out Mgmt (iLO 2, iLO, RILOE II) Forum
cancel

Installing a purchased commercial ssl cert on iLO2 - can it be done?

Highlighted
datacate
Acclaimed Contributor

Installing a purchased commercial ssl cert on iLO2 - can it be done?

The tite is the question - has anyone done this and if so, what type of cert from what issuer? Seems the intermmediate certs can be a problem for the ILO SSL cert management interface, so far have not been able to get past that point. Any help from those who have succeeded is appreciated!

 

- Ed

1 REPLY
Oscar A. Perez
Esteemed Contributor

Re: Installing a purchased commercial ssl cert on iLO2 - can it be done?

You don't need to buy a commercial SSL certificate for iLO2, unless that iLO2 is connected directly to the Internet which is absolutely not recommended.

 

To have "trusted" SSL certificates on your iLOs, you need to first create a Root CA in your network then, create a Subordinate CA and a DNS server that can resolve the iLO FQDNs. 

 

Once you have your subordinate CA,  sign the iLO CSRs using a webserver template and then import the certificates into your iLOs.

 

Finally, import into each of your Client PCs, the SSL Certificate of the Root CA so, your browsers can trust those certificates issued by the Subordinate CA.

 

 




__________________________________________________
I work for Hewlett Packard

If you feel this was helpful please click the KUDOS! thumb below!
//Add this to "OnDomLoad" event