For a period of days I am working on replacing self-signed certificates in my environment and I found one issue with my enclosure. My certificate authority supports only 2048 Bits Certificate Signing Requests and in my case enclosure had 1024 Bits certificate. I found solution how to quickly fix problem and replace self-signed certificate.
HP c7000 enclosure
Onboard Administrator: 4.30
How to generate 2048 Bits certificate
Procedure itself is really simple. According to HP documentation http://h20564.www2.hp.com/hpsc/doc/public/display?docId=emr_na-c03659074 if you reset Onboard Administrator then new key will be generated.
To switch from 1024-bit to 2048-bit keys you needed to first reset the OA configuration to factory defaults which would cause the generation of new keys.
Starting from Onboard Administrator version 3.56 you can do it easier.
Simply login to Onboard Administrator using SSH and execute this command
generate key all 2048
You will be asked if you want to regenerate private keys. Answer yes and Onboard Administrator will be restarted.
After restart you will have new fresh 2048 Bits certificate.
Repeat same step for second Onboard Administrator.
My experience and skills has been proven by leading vendor certifications like VMware Certified Advanced Professional 5 – Data Center Administration, VMware Certified Advanced Professional 5 – Data Center Design, VMware Certified Professional 6 - Data Center Virtualization, VMware Certified Professional 6 - Network Virtualization, Microsoft MCITP Server Administrator, ITIL V3, VMware vExpert 2014, 2015, 2016 and 2017 Award.
My blog wojcieh.net - was voted #50 in TopvBlog 2016 contest!
Latest posts by Wojciech Marusiak (see all)
- How to add NFS export to VMware ESXi 6.5 - 12 April, 2017
- Migration of Windows vCenter Server 6.x to vCenter Server 6.5 Appliance - 10 March, 2017
- Altaro VM Backup 7.0 released with new great features - 7 March, 2017