Using Systems Boot/Certificate as a Trust-Store

« Prev
1
Next »

okashany Minnow Posts: 9	Using Systems Boot/Certificate as a Trust-Store Dec 20, 2023 11:36:02 GMT Quote Select Post Deselect Post Link to Post Back to Top Post by okashany on Dec 20, 2023 11:36:02 GMT Hi, Can “/redfish/v1/Systems/<system_name>/Boot/Certificates” be used as a trust-store for CA certificates? If yes, how can we differentiate between a CA certificate and any other leaf certificate? Thanks, Orit

mraineri
Administrator

Posts: 1,132

Using Systems Boot/Certificate as a Trust-Store Dec 27, 2023 1:00:17 GMT

Quote

Post by mraineri on Dec 27, 2023 1:00:17 GMT

No, that's not a trust store for CA certificates. That certificate collection is specifically for HTTP booting. The certificates found in that collection will be the certificates for the HTTPS servers hosting the boot image for the system. It's possible there are CA certificates in there as part of a certificate chain (with Certificatetype PEMchain), but ultimately there will be a leaf certificate for the HTTPS server hosting the boot image.

Using Systems Boot/Certificate as a Trust-Store

Post by okashany on Dec 20, 2023 11:36:02 GMT

Post by mraineri on Dec 27, 2023 1:00:17 GMT