zmeier/Sandbox
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

sync

Browse Source
This commit is contained in:
Zack Meier
2026-04-15 15:42:41 -05:00
parent 74edcc4d9a
commit 03dba08135
146 changed files with 9119 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files
HPEILO-Certificates.ps1
+74
View File
@@ -0,0 +1,74 @@
# confirmed working on DL380 Gen10 with HPEiLOCmdlets version 3.2.0.0
# 2024/02/05 -- still requires PowerShell 5.1 "for some reason"
### #####itdvmmdnwin11lo.nd.gov
#$iLOCred = Get-Secret -Name IloSboxCred
Import-Module HPEiLOCmdlets
$iLOCred = Get-Credential
$iLOFQDNs = @"
itdvmbisps16lo.nd.gov
itdvmbiswas09lo.nd.gov
"@
<#
#>
$iLOFQDNs = ConvertTo-Array -MultiLineString $iLOFQDNs
$iLOConnections = ForEach ($iLOFQDN in $iLOFQDNs) {
Connect-HPEiLO -Address $iLOFQDN -Credential $iLOCred -DisableCertificateAuthentication
}
Get-HPEiLOSSLCertificateInfo -Connection $iLOConnections -ov x
ForEach ($iLOConnection in $iLOConnections) {
Start-HPEiLOCertificateSigningRequest -Connection $iLOConnection `
-CommonName $iloConnection.Hostname `
-Organization "State of North Dakota" `
-Country US `
-City Bismarck `
-State "North Dakota" `
-OrganizationalUnit NDIT
}
Start-Sleep -Seconds 30
#wait 30 seconds, then continue -- will copy CSR to clipboard, paste it into Ansible playbook, vmware@nd.gov for email, hit Enter and loop
ForEach ($iLOConnection in $iLOConnections) {
$CSR = Get-HPEiLOCertificateSigningRequest -Connection $iLOConnection
Write-Warning -Message ("Start " + $CSR.Hostname)
$CSR.CertificateSigningRequest | Set-Clipboard
Pause
}
#### send csr to ca
# get certificate back, updating download folder below as needed
# download the "Certificate only, PEM encoded" cert
ForEach ($iLOFQDN in $iLOFQDNs) {
Write-Warning -Message "Start $iloFQDN"
$cert = Get-ChildItem D:\Downloads | Where-Object { $_.Name -eq ($iLOFQDN.replace(".", "_") + "_cert.cer") } | Get-Content
$connection = $iLOConnections | Where-Object Hostname -EQ $iLOFQDN
Import-HPEiLOCertificate -Certificate ($cert | Out-String) -Connection $connection
Write-Warning -Message "End $iloFQDN"
}
# OneView, refresh server hardware
# validate certificate after 30 seconds / iLO reset
[Net.ServicePointManager]::ServerCertificateValidationCallback = { $true }
ForEach ($iloFQDN in $iLOFQDNs) {
$url = ("https://" + $iloFQDN)
$req = [Net.HttpWebRequest]::Create($Url)
$req.GetResponse() | Out-Null
$output = [PSCustomObject]@{
URL = $url
'Cert Start Date' = $req.ServicePoint.Certificate.GetEffectiveDateString()
'Cert End Date' = $req.ServicePoint.Certificate.GetExpirationDateString()
}
$output
}