Setting iLO in high security modes
This section describes how to set a managed iLO into a high security mode and how to use the RESTful Interface Tool in these modes. For more information about the high security modes of iLO, refer to Security Service section.
NOTE
High security settings are only available in HPE Gen10 servers and later.
Setting iLO in a high security mode
To modify the security mode of a managed iLO with iLOrest, select the
HpeSecurityService. data type,
and then set the SecurityState
property to one of the
allowed values
and commit.
NOTE
After the commit operation has been completed, iLO resets to apply the changes.
Using HPE iLOrest in iLO high security modes
HPE iLOrest, in remote mode (out-of-band), continues to function normally in high security modes.
To use HPE iLOrest locally (in-band) in a high security mode, you must pass credentials along with your commands. Refer to this blog post for more information about in-band managment.
Warning
In interactive mode, you only need to pass your credentials during the login command. In command line mode, you must pass credentials for EACH COMMAND, even if you are already logged in.
If you do not pass the proper credentials in local mode, you receive and error.
Operating system FIPS modes
iLOrest version 2.2 and greater have OS FIPS support. If an OS is set to enforce FIPS, RESTful Interface Tool uses a FIPS version of OpenSSL.
For users running from source that would like FIPS support, please refer to this article for information on including this feature.