I'm trying to find an example of the factory-issued certificate (or certificate chain) that comes with the iLO interface on a 12th generation Proliant server. If you have one that still has its original OEM certificate, or if it was self-generated at first boot, I'd appreciate it if you could share it. You can pull the certificate from the command line using the following commands, just replace 'google.com' with your iLO's name or IP address:
```
openssl s_client -connect google.com:443 -showcerts < /dev/null
| awk '
/BEGIN CERTIFICATE/ {cert=""}
{cert = cert $0 ORS}
/END CERTIFICATE/ {
print cert | "openssl x509 -noout -text"
close("openssl x509 -noout -text")
print ""
}'
```
Please feel free to obfuscate any sensitive details like MAC addresses or serial numbers, but try to keep the format intact so I can see how MAC addresses are represented (either as abcd.abcd.abcd or AB:CD:AB:CD:AB:CD). Thanks in advance for your help!
3 Answers
Check out this iLO 7 example on Shodan: [iLO 7 Certificate](https://www.shodan.io/host/196.13.207.235). It already shows the certificate in OpenSSL format, so you might not even need to connect to your own. Just a heads up, though: don't expose your iLO to the internet!
I'm genuinely curious about why you want to see the factory iLO certificate. Wouldn't a factory reset achieve a similar result as checking the original certificate?
If you're just looking to see the factory state, have you considered doing a factory reset? I know you might lose some settings, but it could help you access the original certificate. Just a thought!
Related Questions
Lenovo Thinkpad Stuck In Update Loop Install FilterDriverU2_Reload