The Extended Key Usage (EKU) field in the iLO certificate does not contain 'Server Authentication' and/or 'Client Authentication'

Symptom

Unable to establish trusted communication with the server. The Extended Key Usage (EKU) field in the iLO certificate does not contain 'Server Authentication' and/or 'Client Authentication'.

This alert was updated in HPE OneView 4.1.

ID: server-hardware.Certificate.psrm.trustFailure.ssleku

Severity: Critical

Health Category: Operational

Resource URI: /rest/server-hardware/{UUID}

Action
  1. Set up the iLO with a valid certificate that has the EKU field set to 'Server Authentication' and/or 'Client Authentication'.
  2. Do one of the following:

    • If iLO has a CA signed certificate, verify that the root certificate and the appropriate intermediate certificates are present in the HPE OneView trust store.

    • If a new iLO self-signed certificate was generated to correct the issue, add this certificate into the HPE OneView trust store.

  3. Refresh the server, and then retry the operation.
  4. Use the link provided to add certificates to the HPE OneView trust store.