[EXTERNAL EMAIL]
Hello, OMSA Port: 1311/tcp Expired Dell self-sign certificate: Subject : C=US/ST=TX/L=Round Rock/OU=SA Enterprise Software Development/O=Dell Inc/CN= Issuer : C=US/ST=TX/L=Round Rock/OU=SA Enterprise Software Development/O=Dell Inc/CN= Tried to upload key and cert in pfx file using OMSA web page but failed with error: HTTP Status 403 - Forbidden Type: Status Report Message: Accessing resource:/************/UploadCertServlet is forbidden. Description: Server understood request but refuses to authorize it. Apache Tomcat /9.0.8 Tried to upload key and cert using racadmin 9.3.0-3465.14818.el7.x86_64 - it uploaded key and cert, sslcertview shows it but web page continues to use expired certificate. racreset does not make cert update on web page. racadm sslkeyupload -f /tmp/key -t 1 racadm sslcertupload -f /tmp/cer -t 1 racadm racreset racadm sslcertview -t 1 racadm racreset soft racadm racreset hard racadm racreset soft -f racadm racreset hard -f So stopped and removed OMSA web page to stop reports from Nessus security scanned that OMSA certificate is expired and selfsign: systemctl stop dsm_om_connsvc.service systemctl disable dsm_om_connsvc.service yum erase srvadmin-jre-9.3.0-3465.14818.el7.x86_64 Removing: srvadmin-jre 9.3.0-3465.14818.el7 Removing for dependencies: srvadmin-tomcat 9.3.0-3465.14818.el7 srvadmin-webserver 9.3.0-3465.14818.el7 1. What right I need to be able to upload key and cert in pfx file via omsa web page? 2. What I'm doing wrong that racreset does not activate correctly updated certificate? greetings, Zbigniew _______________________________________________ Linux-PowerEdge mailing list [email protected] https://lists.us.dell.com/mailman/listinfo/linux-poweredge
