After upgrading a few of our servers from OMSA 8.3 to OMSA 8.4, we have noticed the Valid From date of the certificate is greater than the Valid To date (screenshot below). This is causing an issue and is (obviously) not right. Is anyone aware of this issue and will an updated install package be released at some point?
Thanks for your post here. My assumption here is that you are seeing this issue on Ubuntu. We are aware of this and a fix is planned for the next release.
For now, you can generate a self-signed certificate using keytool and import it in OMSA using OMSA CLI/GUI. Keytool is part of JRE. OMSA bundled JRE also contains keytool at this location - /opt/dell/srvadmin/lib64/openmanage/JRE/bin/keytool.
Below is the sample command:
1. Create a self-signed certificate and store it as PFX type:
keytool -genkey -dname "CN=<Server FQDN> ,OU=<Organization Unit> ,O=<Organization>,C=<country>" -alias dellcert -keypass Dell123$ -storepass Dell123$ -validity 365 -keyalg RSA -sigalg SHA256withRSA -keysize 2048 -storetype pkcs12 -keystore dellcert.pfx
Note: The certificate properties such as common name, organization unit, organization, country and keypass etc. need to be replaced with appropriate values.
2. Import the generated certificate into OMSA
This can be done achieved through GUI or CLI. The webserver needs to be restarted for this to be effective.
omconfig preferences webserver attribute=uploadcert certfile=<path>/dellcert.pfx type=pkcs12 password= Dell123$ webserverrestart=true
Please let us know if this solves your issue.
Hi Sahil, thank you for your reply,
We are using a mixture of Windows 2008/2012, no Linux. Not really feasible to do this on hundreds of servers either. I guess we'll stick with 8.3 for now!
We've found the same issue with OMSA 8.4 as well. When freshly installed it builds a certificate with invalid dates making the web interface fail to load.
Example from 2 fresh installations I did today.
Period of Validity
Begins on - Tuesday, December 15, 2016
Expires on - Tuesday, November 29, 2016