Unable to add a Cisco UCS server with a self signed certificate

Hello,

I am trying to add a Cisco UCS server that has Redfish support. The certificate is self signed one.

steps followed in adding the UCS server.

Navigate : Compute > Physical Infrastructure > Providers > Physical Infrastructure Providers > Add New Physical Infrastructure Provider.

Type : Redfish

Tried all the Security protocol types[SSL, SSL without validation, Non-SSL] in Endpoints, unable to add the UCS server to manageiq.

Below are the error thrown for each security protocol types.

Security protocol: SSL

Credential validation was not successful: Unexpected response returned from system: SSL_connect returned=1 errno=0 state=error: certificate verify failed (self signed certificate) (OpenSSL::SSL::SSLError) Unable to verify certificate. This may be an issue with the remote host or with Excon. Excon has certificates bundled, but these can be customized: Excon.defaults[:ssl_ca_path] = path_to_certs ENV['SSL_CERT_DIR'] = path_to_certs Excon.defaults[:ssl_ca_file] = path_to_file ENV['SSL_CERT_FILE'] = path_to_file Excon.defaults[:ssl_verify_callback] = callback (see OpenSSL::SSL::SSLContext#verify_callback) or: Excon.defaults[:ssl_verify_peer] = false (less secure)

Security protocol: SSL without validation
Credential validation was not successful: Unexpected response returned from system: Invalid credentials

Security protocol: Non-SSL
Credential validation was not successful: Unexpected response returned from system: Connection reset by peer (Errno::ECONNRESET)

How to add the UCS server?

Thanks,
Mohan

I haven’t used Redfish myself, but the error message suggests, that you are using the wrong credentials. Have you tried connecting to the Redfish Service manually (i.e. via curl)? Have you tried using administrator credentials?

Hi buc,

Thanks for the response
Yes, tried manually, below is the command I have used.

curl -u username:password https://cimc-ip/redfish/v1/Systems --insecure
{
“Members”:[{
@odata.id”:"/redfish/v1/Systems/sys-id"
}],
“Description”:“Collection of Computer Systems”,
@odata.type”:"#Cisco_ComputerSystemCollection",
@odata.id”:"/redfish/v1/Systems",
“Members@odata.count”:1,
“Name”:“Computer System Collection”,
@odata.context”:"/redfish/v1/$metadata#Systems"
}

Above curl call hit CIMC and gives back response.

The above credential and the credential used for accessing Cisco IMC are same…

Thanks,
Mohan