For a period of days I am working on replacing self-signed certificates in my environment and I found one issue with my enclosure. My certificate authority supports only 2048 Bits Certificate Signing Requests and in my case enclosure had 1024 Bits certificate. I found solution how to quickly fix problem and replace self-signed certificate.
HP c7000 enclosure
Onboard Administrator: 4.30
How to generate 2048 Bits certificate
Procedure itself is really simple. According to HP documentation http://h20564.www2.hp.com/hpsc/doc/public/display?docId=emr_na-c03659074 if you reset Onboard Administrator then new key will be generated.
To switch from 1024-bit to 2048-bit keys you needed to first reset the OA configuration to factory defaults which would cause the generation of new keys.
Starting from Onboard Administrator version 3.56 you can do it easier.
Simply login to Onboard Administrator using SSH and execute this command
generate key all 2048
You will be asked if you want to regenerate private keys. Answer yes and Onboard Administrator will be restarted.
After restart you will have new fresh 2048 Bits certificate.
Repeat same step for second Onboard Administrator.
My experience and skills have been proven by leading vendor certifications like AWS, Alibaba Cloud, VMware, and Microsoft. I contribute to the IT community and I received VMware vExpert 2014 - 2019, vExpert Pro and VMware vExpert NSX 2017 Award.
My blog wojcieh.net - was voted #76 in Top vBlog 2018 contest!
Do what you love, and you’ll never work another day in your life.
Latest posts by Wojciech Marusiak (see all)
- Top vBlog 2018 is there! - 20 November, 2018
- Zentyal – my new Homelab Swiss Army Knife - 10 October, 2018
- Send VMware backups to the cloud – Altaro Offsite Copies to an Azure Cloud Storage - 18 September, 2018