justinwork
Bronze

OMSA 8.4 certificate start date

Hi all,

After upgrading a few of our servers from OMSA 8.3 to OMSA 8.4, we have noticed the Valid From date of the certificate is greater than the Valid To date (screenshot below). This is causing an issue and is (obviously) not right.  Is anyone aware of this issue and will an updated install package be released at some point?

Thanks

Justin

0 Kudos
4 Replies

RE: OMSA 8.4 certificate start date

Hello Justin,

Thanks for your post here. My assumption here is that you are seeing this issue on Ubuntu. We are aware of this and a fix is planned for the next release.
For now, you can generate a self-signed certificate using keytool and import it in OMSA using OMSA CLI/GUI. Keytool is part of JRE. OMSA bundled JRE also contains keytool at this location - /opt/dell/srvadmin/lib64/openmanage/JRE/bin/keytool.

Below is the sample command:

1. Create a self-signed certificate and store it as PFX type:
keytool -genkey -dname "CN=<Server FQDN> ,OU=<Organization Unit> ,O=<Organization>,C=<country>" -alias dellcert -keypass Dell123$ -storepass Dell123$ -validity 365 -keyalg RSA -sigalg SHA256withRSA -keysize 2048 -storetype pkcs12 -keystore dellcert.pfx

Note:  The certificate properties such as common name, organization unit, organization, country and keypass etc. need to be replaced with appropriate values. 

2. Import the generated certificate into OMSA
This can be done achieved through GUI or CLI. The webserver needs to be restarted for this to be effective.

CLI command:
omconfig preferences webserver attribute=uploadcert certfile=<path>/dellcert.pfx type=pkcs12 password= Dell123$ webserverrestart=true 

Please let us know if this solves your issue.

Thanks,
Sahil

 

0 Kudos
justinwork
Bronze

RE: OMSA 8.4 certificate start date

Hi Sahil, thank you for your reply,

We are using a mixture of Windows 2008/2012, no Linux.  Not really feasible to do this on hundreds of servers either.  I guess we'll stick with 8.3 for now!

Regards

Justin

0 Kudos
ltussing
Copper

RE: OMSA 8.4 certificate start date

We've found the same issue with OMSA 8.4 as well.  When freshly installed it builds a certificate with invalid dates making the web interface fail to load.

Example from 2 fresh installations I did today.

Period of Validity

Begins on - Tuesday, December 15, 2016

Expires on - Tuesday, November 29, 2016

0 Kudos
bluefalcon1
Copper

RE: OMSA 8.4 certificate start date

Same here, fresh install on Win Server 2016 Essentials host.

Start: Dec 28 2016

Start: Dec 13 2016

OM SMS 8.4.0

0 Kudos