The certificate path constraint in one or more certificates in the certificate chain is either not valid

Symptom

Unable to establish trusted communication with the server. The certificate path constraint in one or more certificates in the certificate chain is either not valid or the actual certificate chain depth exceeded the value specified in the certificate path.

This alert was updated in HPE OneView 4.1.

ID: server-hardware.Certificate.psrm.trustFailure.sslchaindepth

Severity: Critical

Health Category: Operational

Resource URI: /rest/server-hardware/{UUID}

Action
  1. Verify that the value of the certificate path constraint in each of the certificates in the iLO certificate chain is valid, and has a value between 0 and 9.
  2. Verify that the certificate chain depth at each level does not exceed the depth specified in the certificate.
  3. Update the HPE OneView trust store with any new or updated certificates that were uploaded into iLO to correct the issue.
  4. Do one of the following:

    • If iLO has a CA signed certificate, verify that the root certificate and the appropriate intermediate certificates are present in the HPE OneView trust store.

    • If a new iLO self-signed certificate was generated to correct the issue, add this certificate into the HPE OneView trust store.

  5. Refresh the server and retry the operation.
  6. Use the link provided to add certificates to the HPE OneView trust store.