Remove ca certificate, Remove user certificate, Set user certificate – HP Onboard Administrator User Manual

Two-Factor Authentication commands 36

When the Onboard Administrator is operating in FIPS Mode, the minimum RSA key length is 2048 bits,

and the signature hash algorithm must be SHA1, SHA-224, SHA-256, SHA-384, or SHA-512.

REMOVE CA CERTIFICATE

•

Command:
REMOVE CA CERTIFICATE "<certificate name>"

•

Description:

•

Removes the trust certificate corresponding to the SHA1 <certificate name>. Any users having their
certificates issued by this CA can no longer login if Two-Factor Authentication is enabled.

•

Access level/Bay level:
OA administrator

•

Restrictions:
None

REMOVE USER CERTIFICATE

•

Command:
REMOVE USER CERTIFICATE "<user name>"

•

Description:
Removes the user certificate. If Two-Factor Authentication is enabled, this user no longer has access
through HTTPS.

•

Access level/Bay level:
OA administrator

•

Restrictions:
None

SET USER CERTIFICATE

•

Command:
SET USER CERTIFICATE "<user name>" <end marker> <\n> <certificate> <\n> <end

marker>

•

Description:
Maps a certificate (for certificate-based authentication) to the specified Onboard Administrator user
account. To add the certificate:

a.

Start with a string that does not appear within the certificate (the end marker).

b.

Insert a newline character by pressing Enter.

c.

Paste in the certificate.

d.

Insert a newline character by pressing Enter.

e.

Insert the end marker.

f.

Issue the command by pressing Enter.