OMSA 8.4 certificate start date - Dell Systems Management General Forum - Systems Management - Dell Community
Systems Management Forums

OMSA 8.4 certificate start date

Systems Management

Systems Management
Dell Systems Management Solutions: Dell OpenManage, iDRAC, Repository Manager, Microsoft SCCM, Chassis Managment Controller, and more

OMSA 8.4 certificate start date

  • Hi all,

    After upgrading a few of our servers from OMSA 8.3 to OMSA 8.4, we have noticed the Valid From date of the certificate is greater than the Valid To date (screenshot below). This is causing an issue and is (obviously) not right.  Is anyone aware of this issue and will an updated install package be released at some point?

    Thanks

    Justin

  • Hello Justin,

    Thanks for your post here. My assumption here is that you are seeing this issue on Ubuntu. We are aware of this and a fix is planned for the next release.
    For now, you can generate a self-signed certificate using keytool and import it in OMSA using OMSA CLI/GUI. Keytool is part of JRE. OMSA bundled JRE also contains keytool at this location - /opt/dell/srvadmin/lib64/openmanage/JRE/bin/keytool.

    Below is the sample command:

    1. Create a self-signed certificate and store it as PFX type:
    keytool -genkey -dname "CN=<Server FQDN> ,OU=<Organization Unit> ,O=<Organization>,C=<country>" -alias dellcert -keypass Dell123$ -storepass Dell123$ -validity 365 -keyalg RSA -sigalg SHA256withRSA -keysize 2048 -storetype pkcs12 -keystore dellcert.pfx

    Note:  The certificate properties such as common name, organization unit, organization, country and keypass etc. need to be replaced with appropriate values. 

    2. Import the generated certificate into OMSA
    This can be done achieved through GUI or CLI. The webserver needs to be restarted for this to be effective.

    CLI command:
    omconfig preferences webserver attribute=uploadcert certfile=<path>/dellcert.pfx type=pkcs12 password= Dell123$ webserverrestart=true 

    Please let us know if this solves your issue.

    Thanks,
    Sahil

     

  • Hi Sahil, thank you for your reply,

    We are using a mixture of Windows 2008/2012, no Linux.  Not really feasible to do this on hundreds of servers either.  I guess we'll stick with 8.3 for now!

    Regards

    Justin

  • We've found the same issue with OMSA 8.4 as well.  When freshly installed it builds a certificate with invalid dates making the web interface fail to load.

    Example from 2 fresh installations I did today.

    Period of Validity

    Begins on - Tuesday, December 15, 2016

    Expires on - Tuesday, November 29, 2016

  • Same here, fresh install on Win Server 2016 Essentials host.

    Start: Dec 28 2016

    Start: Dec 13 2016

    OM SMS 8.4.0