The user only has as choice to continue no connection is establishedĪn encrypted connection should be possible, at least temporarily accepting the dubious certificateĭisplay (or allow to display) details of the certificate being in question, in comparison to the conflicting certificate. A pop-up appears saying that the certificate is not acceptableģ. connect to HP's iLOM2 that has created at least two certificates during its lifetimeĢ. Neither can I see the issuing CA, but I guess the certificate is self-signed.ġ. Unfortunately no serial number is displayed there. Certificate can be viewed from command line's "SO" (=Security Options) and "L" (display SSL certificate).
ILOM firmware in question is "E.03.30" (latest AFAIK) on a HP Integrity (Itanium2) rx4640 server. When trying to connect to HP'S iLOM2 (Integrated Lights Out Management 2) via HTTPS, Firefox 2.0.0.4 (on Windows/XP) brings up a windows saying that there was a certificate with a duplicate serial number from the same CA detected, and that I should get a different certificate.ġ) The iLOM2 firmware creates the certificates locally, allowing only limited user influence.Ģ) The user cannot decide to "connect anyway" (like for other dubious certificates)ģ) There's no way to display the details of the certificates that Firefox claims to have duplicate serial numbers (the average user might not care, but the IT professional will)
0 kommentar(er)
