Adding trusted certificates, Adding trusted – HP Integrated Lights-Out 3 User Manual

Page 64

Advertising
background image

Table 4 HP trusted certificate status

Description

Icon

The record is valid.

There is a problem with the trust settings or the iLO license. Possible reasons follow:

This record contains a DNS name, and the trust mode is set to Trust by Certificate (only
certificates are valid).

Trust None (SSO disabled) is selected.

A valid license key is not installed.

The record is not valid. Possible reasons follow:

An out-of-date certificate is stored in this record. Check the certificate details for more
information.

The iLO clock is not set or is set incorrectly.

The iLO clock must be in the Valid from and Valid until range.

Certificate—Indicates that the record contains a stored certificate. Move the cursor over the
icon to view the certificate details, including subject, issuer, and dates.

Description—The server name (or certificate subject).

Adding trusted certificates

iLO users who have the Configure iLO Settings privilege can install trusted certificates or add direct
DNS names.

The Base64-encoded X.509 certificate data resembles the following:

-----BEGIN CERTIFICATE-----

. . . several lines of encoded data . . .

-----END CERTIFICATE-----

To add trusted HP SSO records by using the iLO web interface:
1.

Navigate to the Administration

→Security→HP SSO page, as shown in

Figure 26 (page 62)

.

2.

Use one of the following methods to add a trusted certificate:

To directly import a trusted certificate, copy the Base64-encoded certificate X.509 data,
paste it into the text box above the Import Certificate button, and then click the button.

To indirectly import a trusted certificate, type the DNS name or IP address in the text box
above the Import Certificate from URL button, and then click the button. iLO contacts the
HP SSO-compliant application over the network, retrieves the certificate, and then saves
it.

To import the direct DNS name, enter the DNS name in the text box above the Import
Direct DNS Name button, and then click the button.

For information about how to extract an HP SIM certificate, see

“Extracting the HP SIM server

certificate” (page 65)

.

For information about how to extract certificates from other HP SSO-compliant applications, see
your HP SSO-compliant application documentation.

64

Configuring iLO

Advertising
Popular Brands
Popular manuals