Oracle® ILOM Security Guide For Firmware Releases 3.x and 4.x

Updated: December 2019

Improve Security by Using a Trusted SSL Certificate and Private Key

Secure Sockets Layer (SSL) certificates are used both to encrypt communication over a network and to ensure the authenticity of a server or client. Oracle ILOM includes a self-signed SSL certificate that allows the HTTP over SSL protocol to be used out of the box, without uploading a certificate. When connecting to the Oracle ILOM web interface for the first time, the user is notified that a self-signed certificate is being used and is asked to accept its use. Using the certificate provided, all communication between the web browser and Oracle ILOM is fully encrypted.

However, it is also possible to create and upload a trusted certificate for improved security. A trusted certificate is one issued by a trusted Certificate Authority (CA). Using a trusted certificate from a known Certificate Authority ensures the authenticity of the Oracle ILOM web server. Using untrusted (self-signed) certificates opens up the possibility of a man-in-the-middle (MITM) attack, because the browser has no independent authority against which to check that the certificate really belongs to the Oracle ILOM web server.
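The difference between the two kinds of certificate can be checked with the `openssl` command-line tool. The following is an added example, not part of the Oracle guide: `classify_cert` reports whether a certificate chains to a given CA bundle, is self-signed, or was issued by a CA that is not in the bundle. The test CA, the placeholder name `ilom.example.test` and all file names are constructed for the demonstration, and the script assumes `openssl` is installed.

```shell
#!/bin/sh
# Added example: classify a certificate against a chosen CA bundle.
# Prints "trusted", "self-signed" or "untrusted".
classify_cert() {   # $1 = certificate (PEM), $2 = trusted CA bundle (PEM)
  subject=$(openssl x509 -in "$1" -noout -subject | sed 's/^subject= *//')
  issuer=$(openssl x509 -in "$1" -noout -issuer | sed 's/^issuer= *//')
  if openssl verify -CAfile "$2" "$1" >/dev/null 2>&1; then
    echo trusted        # chains to a CA the client already trusts
  elif [ "$subject" = "$issuer" ]; then
    echo self-signed    # vouches only for itself; no CA to validate against
  else
    echo untrusted      # issued by a CA that is not in the bundle
  fi
}

# Build constructed test material: a test CA, a CA-issued certificate and a
# self-signed certificate, both for the placeholder name ilom.example.test.
make_demo_certs() {   # $1 = output directory
  openssl req -x509 -newkey rsa:2048 -nodes -days 1 \
    -subj "/CN=Constructed Test CA" \
    -keyout "$1/ca.key" -out "$1/ca.pem" 2>/dev/null &&
  openssl req -newkey rsa:2048 -nodes -subj "/CN=ilom.example.test" \
    -keyout "$1/issued.key" -out "$1/issued.csr" 2>/dev/null &&
  openssl x509 -req -in "$1/issued.csr" -days 1 -CA "$1/ca.pem" \
    -CAkey "$1/ca.key" -CAcreateserial -out "$1/issued.pem" 2>/dev/null &&
  openssl req -x509 -newkey rsa:2048 -nodes -days 1 \
    -subj "/CN=ilom.example.test" \
    -keyout "$1/self.key" -out "$1/self.pem" 2>/dev/null
}

demo_dir=$(mktemp -d)
make_demo_certs "$demo_dir" ||
  echo "openssl failed to build the test certificates" >&2
for name in self issued; do
  printf '%s.pem: %s\n' "$name" \
    "$(classify_cert "$demo_dir/$name.pem" "$demo_dir/ca.pem")"
done
```

In practice the first argument would be the certificate presented by the Oracle ILOM web server and the second the CA bundle your clients trust.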

To regenerate the self-signed Default SSL Certificate from Oracle or to obtain and upload a custom signed SSL Certificate issued from a Certificate Authority, refer to the following procedure(s).