Add a certificate

Prerequisites
  • Privileges:
    • Infrastructure Administrator to add certificate authority certificates and server certificates.

    • Network administrator, Server administrator, Software administrator, or Storage administrator to add server certificates.

  • One or more TLS certificates available to upload, in base64 encoded PEM format.

  • The IP address and port of a managed device or a remote server to fetch a TLS certificate.

Procedure
  1. From the main menu, select Settings. In the Security panel, select Manage certificates.
  2. From the Manage certificates screen, select Add certificates.
  3. Select the radio button for Paste certificate or Add a certificate from an IP address or hostname.

    The Paste certificate option adds a CA (root or intermediate) certificate or self-signed certificate to the HPE OneView trust store by pasting the Base64-encoded certificate or chain of certificates.

    Use the Add a certificate from an IP address or hostname option on the GUI to obtain the certificate or certificate chain by connecting to the IP address or port. This option is preferred if a managed device is available on the network to fetch a certificate. You can type in the hostname, IPv4 or IPv6 address, and an optional port number. If you do not specify a port number, 443 is used, by default.

  4. Click Validate to validate the certificate.
    Validates the certificate, and optionally provides an alias name to easily identify the certificate before adding the certificate to the trust store.
    NOTE:

    Multi byte characters are not supported for the alias name to store the certificate. You can start the alias name with alphanumeric characters, and use a space, dot (.), colon (:), hyphen (-), or an underscore (_).

  5. Click Add to add the certificate or click Add+ to add more certificates.

    You can add root CA and intermediate CA certificates or either of them to the appliance.

  6. Verify that the certificates are uploaded on the Manage certificates screen.
  7. Select Actions > Import appliance certificate to import the leaf level CA-signed appliance certificate.