Launching soon: The world's first vendor agnostic bug scrubLearn more & join waitlist
OPERATIONAL DEFECT DATABASE
...
...
When attempting to remove the Private key file (File.pem) after generating the Certificate Sign Request (CSR) in System Management Homepage (SMH), SMH will prevent the Certificate Authority (CA) certificate from importing. SMH validates the Private Key with an imported CA certificate if there is a mismatch and the the import fails. This issue occurs when importing the CA Certificate in SMH using any of the following methods: Import of CA certificate in PKCS #7format data through SMH UI fails with "Unable to extract the certificate from the imported PKCS #7 file" Error Restarting the SMH service after PlacingBase64 format CA certificate file [cert.pem] in location /etc/opt/hp/sslshare/ on Linux x86 and x64, and systemdrive:\hp\sslshare\ for Windows and will auto rename cert.pem to certmmm.pem and a new self-signed certificate [cert.pem] is auto generated with error "The certificate does not match the private key." in the SMH logs This issue occurs because the SMH private key (File.pem) was removed/moved out/changed or replaced from its original location /etc/opt/hp/sslshare/ onLinux x86 and x64, and the systemdrive:\hp\sslshare\ for Windows. The private key files should not be changed after generating CSR until its respective CA signed certificate is imported into SMH.
Any HPE ProLiant server using HPE System Management Homepage (SMH) and running a Windows or Linux OS.
The CSR request (req_cr.pem) and the CA Certificates have reference to Private Key files (file.pem) from /etc/opt/hp/sslshare/ on Linux x86 and x64, and systemdrive:\hp\sslshare\ for Windows. Retain the correct file.pem while creating the CSR; the same file.pem should be used during CA Certificate import. NOTE: Products sold prior to the November 1, 2015 separation of Hewlett-Packard Company into Hewlett Packard Enterprise Company and HP Inc. may have older product names and model numbers that differ from current models. RECEIVE PROACTIVE UPDATES : Receive support alerts (such as Customer Advisories), as well as updates on drivers, software, firmware, and customer replaceable components, proactively via e-mail through HPE Subscriber's Choice. Sign up for Subscriber's Choice at the following URL: Proactive Updates Subscription Form. NAVIGATION TIP : For hints on navigating HPE.com to locate the latest drivers, patches, and other support software downloads for ProLiant servers and Options, refer to the Navigation Tips document . SEARCH TIP : For hints on locating similar documents on HPE.com, refer to the Search Tips Document .