How to generate new self-signed certificate in HP c7000 enclosure
For a period of days I am working on replacing self-signed certificates in my environment and I found one issue with my enclosure. My certificate authority supports only 2048 Bits Certificate Signing Requests and in my case enclosure had 1024 Bits certificate. I found solution how to quickly fix problem and replace self-signed certificate.
HP c7000 enclosure
Onboard Administrator: 4.30
How to generate 2048 Bits certificate
Procedure itself is really simple. According to HP documentation http://h20564.www2.hp.com/hpsc/doc/public/display?docId=emr_na-c03659074 if you reset Onboard Administrator then new key will be generated.
To switch from 1024-bit to 2048-bit keys you needed to first reset the OA configuration to factory defaults which would cause the generation of new keys.
Starting from Onboard Administrator version 3.56 you can do it easier.
Simply login to Onboard Administrator using SSH and execute this command
generate key all 2048
You will be asked if you want to regenerate private keys. Answer yes and Onboard Administrator will be restarted.
After restart you will have new fresh 2048 Bits certificate.
Repeat same step for second Onboard Administrator.