I'm looking for examples of the factory iLO certificate that comes with a 12th generation ProLiant server. If anyone has a unit that still has the original OEM certificate or even a self-generated one, I'd love to see it. You can pull the certificate using this command:
openssl s_client -connect google.com:443 -showcerts </dev/null
| awk '
/BEGIN CERTIFICATE/ {cert=""}
{cert = cert $0 ORS}
/END CERTIFICATE/ {
print cert | "openssl x509 -noout -text"
close("openssl x509 -noout -text")
print ""
}'
Just replace "google.com" with your iLO's name or IP address. Feel free to hide any sensitive information like MAC addresses or serial numbers, but please maintain the format for clarity. I'd like to know if the MAC addresses are displayed as abcd.abcd.abcd or AB:CD:AB:CD:AB:CD. Thanks in advance!
3 Answers
If you're interested, I found an iLO 7 instance on Shodan which already has the certificate in OpenSSL format, so you don’t even need to connect to yours. Just remember, putting your iLO on the internet can be risky!
I’m curious, why are you looking for that certificate specifically? Can't you just do a factory reset instead?
I don’t have one myself, but have you thought about just factory resetting your iLO? That might give you a fresh certificate to check out.
That's true, but I wonder if resetting will really return it to its original factory state or just clear the current settings.