When migrating from OME 3.10 to OME 4.x appliances, a requirement is that the full certificate chain is uploaded to the appliance instead of just the standard cert.
In the oem_appliacation_certificate module, even if the upload_file contains the full certificate chain, it is not imported as the full chain, and causes the migration to be blocked.
Another parameter should be added to import either the Certificate or Certificate Chain, with a default of Certificate
I lost about 3 hours of work generating and importing certs, only to find out that if I used the GUI to import the same certificate I was providing to the Ansible module and selected Certificate Chain, it worked as expected
Create a .cer file that contains the full certificate chain and use the ansible module to upload the certificate chain file
Observe no errors and new cert is used in OME, but is not imported as the Certificate Chain, causing a validation error failure in the Migrate Out/In steps
Expected Behavior
If a full chain is provided, it will be uplaoded as the full chain, or a parameter added to specify if the file being provided is a certificate or a certificate chain
Actual Behavior
Observe no errors and new cert is used in OME, but is not imported as the Certificate Chain, causing a validation error failure in the Migrate Out/In steps
Bug Description
When migrating from OME 3.10 to OME 4.x appliances, a requirement is that the full certificate chain is uploaded to the appliance instead of just the standard cert. In the oem_appliacation_certificate module, even if the
upload_file
contains the full certificate chain, it is not imported as the full chain, and causes the migration to be blocked.Another parameter should be added to import either the Certificate or Certificate Chain, with a default of Certificate
I lost about 3 hours of work generating and importing certs, only to find out that if I used the GUI to import the same certificate I was providing to the Ansible module and selected Certificate Chain, it worked as expected
Component or Module Name
ome_application_certificate
Ansible Version
2.16
Python Version
3.10
iDRAC/OME/OME-M version
OME 3.10.2 and OME 4.0.1
Operating System
N/A
Playbook Used
Logs
N/A
Steps to Reproduce
Create a .cer file that contains the full certificate chain and use the ansible module to upload the certificate chain file
Observe no errors and new cert is used in OME, but is not imported as the Certificate Chain, causing a validation error failure in the Migrate Out/In steps
Expected Behavior
If a full chain is provided, it will be uplaoded as the full chain, or a parameter added to specify if the file being provided is a certificate or a certificate chain
Actual Behavior
Observe no errors and new cert is used in OME, but is not imported as the Certificate Chain, causing a validation error failure in the Migrate Out/In steps
Screenshots
Additional Information
No response