Opened 12 years ago
Closed 12 years ago
#21 closed (wontfix)
iLO web interfaces for pc1 and pc3 claim to have the same SSL issuer and serial number
Reported by: | chaos@bbn.com | Owned by: | somebody |
---|---|---|---|
Priority: | major | Milestone: | IG-ADM-1 |
Component: | Administration | Version: | SPIRAL4 |
Keywords: | Cc: | ||
Dependencies: |
Description
When i login to the web console for the pc3 iLO (at 155.98.34.104) using firefox, i get the standard firefox "do you want to trust this certificate?" dialogue, and am able to successfully connect.
If i subsequently try to connect to the pc1 iLO (at 155.98.34.103) using the same firefox instance, i get the error:
Secure Connection Failed An error occurred during a connection to 155.98.34.103. You have received an invalid certificate. Please contact the server administrator or email correspondent and give them the following information: Your certificate contains the same serial number as another certificate issued by the certificate authority. Please get a new certificate containing a unique serial number. (Error code: sec_error_reused_issuer_and_serial) The page you are trying to view can not be shown because the authenticity of the received data could not be verified. Please contact the web site owners to inform them of this problem. Alternatively, use the command found in the help menu to report this broken site.
If i delete the SSL information for 155.98.34.104 from my browser and clear the cache, i can subsequently browse to .103 normally (but of course get this error again when i go back to .104).
From the iLO logins, i see the following SSL information for the two devices:
- pc1 (155.98.34.103):
Issued To CN=ILOUSE211XXJR.utah.geniracks.net, OU=ISS, O=Hewlett-Packard Company, L=Houston, ST=Texas, C=US Issued By C=US, ST=TX, L=Houston, O=Hewlett-Packard Company, OU=ISS, CN=iLO3 Default Issuer (Do not trust) Valid From Wed, 11 Jan 2012 Valid Until Mon, 12 Jan 2037 Serial Number 57
- pc3 (155.98.34.104):
Issued To CN=ILOUSE211XXJS.utah.geniracks.net, OU=ISS, O=Hewlett-Packard Company, L=Houston, ST=Texas, C=US Issued By C=US, ST=TX, L=Houston, O=Hewlett-Packard Company, OU=ISS, CN=iLO3 Default Issuer (Do not trust) Valid From Wed, 11 Jan 2012 Valid Until Mon, 12 Jan 2037 Serial Number 57
So those serial numbers are indeed identical. I have verified that the other three iLOs have unique serial numbers (pc2=55, pc4=53, pc5=54), and do not experience this problem.
Leigh reports that they are not planning to fix this.