Roberto,



If you mean the HMC's webserver's HTTPS/SSH certs I guess you need to give it the complete chain to present itself, the CA, any intermediaries and it's own cert to identify itself (or the wildcard I guess, I haven't used those yet, mostly generate a cert for each FQDN).

I haven't done it, but on v9 HMC you have to go to "users and security" -> "Manage Certificates". There are the options to upload certs...



Yes, the HMC's webserver's HTTPS/SSH certs.



Paul









-----Original Message-----
From: MIDRANGE-L <midrange-l-bounces@xxxxxxxxxxxxxxxxxx> On Behalf Of Roberto José Etcheverry Romero
Sent: Tuesday, November 26, 2019 11:53 AM
To: Midrange Systems Technical Discussion <midrange-l@xxxxxxxxxxxxxxxxxx>
Subject: Re: HMC / BMC SSL Cert warning/error/issue



What SSL cert do you mean?

HMC doesn't AFAIK connect to the i directly for anything, it doesn't use RMC since only the i uses an internal FSP connection to the LPAR.

If you mean the HMC's webserver's HTTPS/SSH certs I guess you need to give it the complete chain to present itself, the CA, any intermediaries and it's own cert to identify itself (or the wildcard I guess, I haven't used those yet, mostly generate a cert for each FQDN).

I haven't done it, but on v9 HMC you have to go to "users and security" -> "Manage Certificates". There are the options to upload certs...



Best regards,



On Tue, Nov 26, 2019 at 12:52 PM Steinmetz, Paul via MIDRANGE-L < midrange-l@xxxxxxxxxxxxxxxxxx<mailto:midrange-l@xxxxxxxxxxxxxxxxxx>> wrote:



We use a wild card certificate on our Power I LPARs.

Which part of the wild card cert would need to be imported to the

HCM/BMC to correct the HMC/BMC SSL cert warnings?

Root CA, int CA, Server WC Cert or all parts.



Thank you



_____



Paul Steinmetz



IBM i Systems Administrator







Pencor Services, Inc.



462 Delaware Ave



Palmerton Pa 18071







610-826-9117 work



610-826-9188 fax



610-349-0913 cell



610-377-6012 home







psteinmetz@xxxxxxxxxx<mailto:psteinmetz@xxxxxxxxxx<mailto:psteinmetz@xxxxxxxxxx%3cmailto:psteinmetz@xxxxxxxxxx>>



http://www.pencor.com/





--

This is the Midrange Systems Technical Discussion (MIDRANGE-L) mailing

list To post a message email: MIDRANGE-L@xxxxxxxxxxxxxxxxxx<mailto:MIDRANGE-L@xxxxxxxxxxxxxxxxxx> To

subscribe, unsubscribe, or change list options,

visit: https://lists.midrange.com/mailman/listinfo/midrange-l

or email: MIDRANGE-L-request@xxxxxxxxxxxxxxxxxx<mailto:MIDRANGE-L-request@xxxxxxxxxxxxxxxxxx>

Before posting, please take a moment to review the archives at

https://archive.midrange.com/midrange-l.



Please contact support@xxxxxxxxxxxx<mailto:support@xxxxxxxxxxxx> for any subscription related

questions.



Help support midrange.com by shopping at amazon.com with our affiliate

link: https://amazon.midrange.com



--

This is the Midrange Systems Technical Discussion (MIDRANGE-L) mailing list To post a message email: MIDRANGE-L@xxxxxxxxxxxxxxxxxx<mailto:MIDRANGE-L@xxxxxxxxxxxxxxxxxx> To subscribe, unsubscribe, or change list options,

visit: https://lists.midrange.com/mailman/listinfo/midrange-l

or email: MIDRANGE-L-request@xxxxxxxxxxxxxxxxxx<mailto:MIDRANGE-L-request@xxxxxxxxxxxxxxxxxx>

Before posting, please take a moment to review the archives at https://archive.midrange.com/midrange-l.



Please contact support@xxxxxxxxxxxx<mailto:support@xxxxxxxxxxxx> for any subscription related questions.



Help support midrange.com by shopping at amazon.com with our affiliate link: https://amazon.midrange.com

As an Amazon Associate we earn from qualifying purchases.

This thread ...

Follow-Ups:
Replies:

Follow On AppleNews
Return to Archive home page | Return to MIDRANGE.COM home page

This mailing list archive is Copyright 1997-2022 by midrange.com and David Gibbs as a compilation work. Use of the archive is restricted to research of a business or technical nature. Any other uses are prohibited. Full details are available on our policy page. If you have questions about this, please contact [javascript protected email address].

Operating expenses for this site are earned using the Amazon Associate program and Google Adsense.