Remote Lights-Out Mgmt (iLO 2, iLO, RILOE II) Forum
cancel
Showing results for 
Search instead for 
Did you mean: 

iLO2 - Error installing SSL Certificate

Highlighted
Remediator
Occasional Advisor

iLO2 - Error installing SSL Certificate

HP ProLiant DL380 G5, iLO 2 firmware version 2.09, iLO DNS name changed so new SSL certificate should be installed to reflect changes. Certification authority is Windows 2008 R2 Enterprise. New template created from WebServer to allow 1024-bit key length (called "iLOWebServer") and allowed to issue certs from this template with manual approval.

 

Logging in to iLO, generating cert request, copy/pasting it to text file "put_ilo_request_in_here.req", requesting cert using following command:

certreq -submit -attrib "CertificateTemplate:iLOWebServer\nSAN:DNS=ilo-srv1.mydomain.local" C:\Users\admmm\Desktop\put_ilo_request_in_here.req

 

Then approving request to CA manually through CA MMC snap-in.

 

Then retrieving cert using command:

certreq -retrieve 366 C:\Users\admmm\Desktop\not_needed.cer C:\Users\admmm\Desktop\open_me_with_notepad.p7b

 

Copying contents of "open_me_with_notepad.p7b" to clipboard, then pressing "Next Step" in iLO, inserting from clipboard and pressing "Import Certificate". Answer is:

 

 

Request Error

HTTP/1.1 412 Request Entity Too Large 

 

Used Firefox 12, IE 9, Chrome. Same result everywhere.

Any help?

2 REPLIES
Remediator
Occasional Advisor

Update: iLO2 - Error installing SSL Certificate

Tried to import certificate using

 

"C:\Program Files (x86)\HP Lights-Out Configuration Utility\cpqlocfg.exe" -s ilo-srv1.mydomain.local -l ilolog.txt -f C:\Users\admmm\Import_Cert.xml -v

 

Of course xml file was modified to include certificate text. Got this:

 

HP Lights-Out Configuration Utility- CPQLOCFG v. 4.00 dated 04/04/2012
(c) Hewlett-Packard Company, 2012

Server is ilo-s19.krost.local

CHECKING XML SYNTAX...
<s> START_OPEN_TAG
<s> RIBCL
<s> VERSION
<s> EQUALS
<s> 2.0
<s> END_TAG
<s> START_OPEN_TAG
<s> LOGIN
<s> USER_LOGIN
<s> EQUALS
<s> Administrator
<s> PASSWORD
<s> EQUALS
<s> XJKBE2MY
<s> END_TAG
<s> START_OPEN_TAG
<s> RIB_INFO
<s> MODE
<s> EQUALS

<s> write
<s> END_TAG
<s> START_OPEN_TAG
<s> IMPORT_CERTIFICATE
<s> END_TAG

 

and here program died with this explanation:

 

Problem signature:
Problem Event Name: APPCRASH
Application Name: cpqlocfg.exe
Application Version: 0.0.0.0
Application Timestamp: 4f7cdf18
Fault Module Name: cpqlocfg.exe
Fault Module Version: 0.0.0.0
Fault Module Timestamp: 4f7cdf18
Exception Code: c0000005
Exception Offset: 0005ec92
OS Version: 6.1.7601.2.1.0.274.10
Locale ID: 1049
Additional Information 1: 0a9e
Additional Information 2: 0a9e372d3b4ad19135b953a78882e789
Additional Information 3: 0a9e
Additional Information 4: 0a9e372d3b4ad19135b953a78882e789

Oscar A. Perez
Esteemed Contributor

Re: Update: iLO2 - Error installing SSL Certificate

How big is your cert?

 

iLO2 can only accept Certs that are up to 3072 bytes long in Base64 format.




__________________________________________________
I work for Hewlett Packard

If you feel this was helpful please click the KUDOS! thumb below!
//Add this to "OnDomLoad" event