RIBCL Undocumented Tag – CERT_FQDN

Great find from Oscar Perez over on the HP ITRC Forums. This tag is not documented in the current HP Scripting guides and I wish I knew about it before I logged in by hand to 200ish iLO devices to manually update the setting.

What the tag does is tell the iLO to general a CSR for an SSL Certificate using a FQDN rather than a short name. If you identify iLO devices in DNS with a subdomain (e.g. server.ilo.mydomain.com) you need to do this.

<RIBCL VERSION=”2.0″>
<LOGIN USER_LOGIN=”adminname” PASSWORD=”password”>
<RIB_INFO MODE=”write”>
<CERT_FQDN value=”Y”/>
</RIB_INFO>
</LOGIN>
</RIBCL>

Tags will apply to iLO2 firmware 2.x and iLO 3 1.x firmware

Advertisements

5 thoughts on “RIBCL Undocumented Tag – CERT_FQDN

  1. davenpcj5542009

    iLO 3 generates certificates with FQDN subjects by default, and always has. Short names are provided as SubjectAlternativeNames so the IE browser will still accept the short name for those that prefer to use it.

  2. davenpcj5542009

    One other thing… The setting to use FQDN subjects instead of short name subjects is also visible in the iLO 2 web interface.

  3. Oleg

    Thanx a lot. it works fine. but the “” are non standart. i wasted a little bit time due reading the xml parse errors.. )

    1. Ben Post author

      Hi Oleg,

      Thats a little weird, as the RIBCL was copy and pasted directly out of the working script I used. Unfortunately I don’t have an answer for that, but I’m sorry you lost a little bit of time on working it out!

Comments are closed.