ILOM-SSL
From pressy's brainbackup
HTTPS SSL certificate
Starting with some newer versions of Oracle's ILOM you will get a Warning when using no special HTTPS certificate, next to the "default password" warning logging into the BUI the first time... This was on my new T7 with Sun System Firmware 9.7.1.c // ILOM v3.2.6.2.c
Warning: HTTPS certificate is set to factory default.
To get rid of it you will have to create a costum certificate and a costum private key and upload the files.
Just use your Solaris box:
root@svr01:/downloads/certs# openssl genrsa -out ilom-svr01.key 2048 Generating RSA private key, 2048 bit long modulus ...............................................................+++ ......................................+++ e is 65537 (0x10001) root@svr01:/downloads/certs# openssl req -new -key ilom-svr01.key -out ilom-svr01.csr You are about to be asked to enter information that will be incorporated into your certificate request. What you are about to enter is what is called a Distinguished Name or a DN. There are quite a few fields but you can leave some blank For some fields there will be a default value, If you enter '.', the field will be left blank. ----- Country Name (2 letter code) []:AT State or Province Name (full name) []:Vienna Locality Name (eg, city) []:Vienna Organization Name (eg, company) []:PRESSY Organizational Unit Name (eg, section) []:IT Common Name (e.g. server FQDN or YOUR name) []:ilom-svr01.domain.narf Email Address []:mymail@mail.narf Please enter the following 'extra' attributes to be sent with your certificate request A challenge password []:asdfasdf An optional company name []:asdfasdf root@svr01:/downloads/certs# openssl x509 -req -days 3650 -in ilom-svr01.csr -signkey ilom-svr01.key -out ilom-svr01.cert Signature ok subject=/C=AT/ST=Vienna/L=Vienna/O=PRESSY/OU=IT/CN=ilom-svr01.domain.narf/emailAddress=mymail@mail.narf Getting Private key root@svr01:/downloads/certs#
You can upload the *.cert and *.key files using the BUI: ILOM Administration -> Management Access -> SSL certificate
You will lose your current web connection and the browser will come with a warning on reload, because it is a self sign certificate. If you have a trusted certification provider you could use their files aswell.