Configure a Certificate for a C7000 Enclosure

Description:

By default HP blade enclosures come with private certificates that will cause web browsers to display a warning message each time the Onboard Administrator is accessed. This article provides the steps to configure a valid, self-signed, or publicly-signed certificate to eliminate these warning messages.

Steps:

  • Login to the active OA of the blade enclosure
  • On the left side expand Active Onboard Administrator and select Certificate Administration

1

  • Click the Certificate Request tab
  • Select Generate a certificate-signing request (CSR)
  • Under the Required Information heading populate the information to create the CSR
    • Common Name should be the FQDN of the blade enclosure
  • Click Apply

  • Copy the CSR text and go to your certificate provider
  • Submit the certificate request
    • Be sure to get a 1024-bit certificate in the Base 64 format
  • Open the newly created certificate with a text editor and copy all of the text
  • Go back to the Onboard Administrator and click the Certificate Upload button
  • Paste the text for the cert and click Upload.
  • Log out of the Onboard Administrator and close the browser
  • Attempt to log back into the Onboard Administrator and verify that the warning for the certificate is no longer present.
    • Depending on the browser, a warning message may still be displayed until the cache clears. To avoid this issue test in either Private or Incognito mode.

One thought to “Configure a Certificate for a C7000 Enclosure”

  1. I’d strongly suggest using a 2048 bit key size rather than 1024 which many organisations (NIST, CESG etc.) have since deprecated. You’ll find public CA’s migrated away from this key size in 2013, if you want a reference this article covers it – NIST Special Publication 800-131A.

    I’m glad to say HP have implemented quite a few updates to the CSR process since the earlier OA firmware revisions. I logged plenty of cases relating to this feature.

    Anyway all that aside, nice article.

    Alex

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.