Configuring directory settings – HP Integrated Lights-Out 3 User Manual

Page 51

Advertising
background image

8.

Follow the onscreen instructions and submit the CSR to the CA.

The CA will generate a certificate in the PKCS #10 format.

9.

After you obtain the certificate, make sure that:

The CN matches the iLO FQDN. This is listed as the iLO Hostname on the
Information

→Overview page.

The certificate is generated as a Base64-encoded X.509 certificate, and is in the RAW
format.

The first and last lines are included in the certificate.

10. Return to the SSL Certificate Customization page (

Figure 21

) in the iLO user interface.

11. Click the Import Certificate button.

The Import Certificate window opens, as shown in

Figure 22 (page 51)

.

Figure 22 Import Certificate window

12. Paste the certificate into the text box, and then click the Import button.

iLO supports DER-encoded SSL certificates that are up to 3 KB in size (including the 609 or
1,187 bytes used by the private key, for 1,024-bit and 2,048-bit certificates, respectively).

13. Restart iLO.

Configuring directory settings

The iLO firmware connects to Microsoft Active Directory, Novell e-Directory, and other LDAP
3.0-compliant directory services for user authentication and authorization. You can configure iLO
to authenticate and authorize users by using the HP Extended Schema directory integration or the
schema-free directory integration. The HP Extended Schema works only with Microsoft Windows.
The iLO firmware connects to directory services by using SSL connections to the directory server
LDAP port. The default secure LDAP port is 636.

For more information about using directory authentication with iLO, see

“Directory services”

(page 160)

.

Locally stored user accounts (listed on the User Administration page) can be active when iLO
directory support is enabled. This enables both local-based and directory-based user access.
Typically, you can delete local user accounts (with the possible exception of an emergency access
account) after iLO is configured to access the directory service. You can also disable access to
these accounts when directory support is enabled.

Configuring iLO security

51

Advertising
Popular Brands
Popular manuals