carock wrote:
Unfortunately, I'm dealing with an HP Proliant server. Specifically the iLO interface which is a backend management device embeded in the server.This device has it's own SSL cert from the factory. With the latest rounds of updates from Firefox, that browser now complains "my certificate contains the same serial number as issued by another authority" and will not allow you to continue. The "stupid" HP iLO software will generate a CSR for you, but it only uses the server name and does not append the domain part of the iLO configuration settings. Also, the server name setting does not allow you to enter the . character. The CSR generator stores the private key somewhere inside it's storage, but there is no way to access it. Only the iLO software can see it. Since the commercial certs force you to use a FQDN, I had to try and generate my own cert, but without the private key.
That sounds terminally broken. If you have a support contract with HP, tell them to fix it. If not...
I think I understand now. I make my own CA setup and issue my own certs.Correct?
...this should work. Regards, Graham --
smime.p7s
Description: S/MIME Cryptographic Signature
