07-19-2016 07:21 AM - edited 03-01-2019 12:49 PM
We have deployed an internal signed certificate for our UCS Fabrics and this is working as expected. Is it possible to deploy an internal signed certificate to the management address of the blades themselves. Our quarterly scans reveal that these are self signed and I am not sure this will pass the audit in the future.
Please advise,
Joe
07-19-2016 08:06 AM
Greetings.
The CIMC has an internal certificate that gets generated/re-generated when IPs change on the CIMC.
The IPs have the potential to change during decom/re-acks of the blades.
The certificates are generated with the IP in subjectName/Subject Alternate name and there is no DNS or hostname entry mapping available. The certificates for the individual CIMCs are not user changeable.
Thanks,
Kirk...
09-04-2018 07:33 AM
For the m5 series, 3.2(2x) has the enhancement to add self-signed cert to the cimc. For the m4 and m3 blades, it requires 4.0 our latest firmware.
Please see the bug below.
https://bst.cloudapps.cisco.com/bugsearch/bug/CSCva19420/?reffering_site=dumpcr
09-04-2018 07:34 AM
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide