If you have an older HP server, and as usual with Python, the python-hpilo will bomb out with SSL errors, most likely due to SSLv2 and SSLv3 being obsolete, thereby making python-hpilo or hpilo_cli entirely useless unless you want to spend time recompiling OpenSSL (enjoy).

The HP command and scripting guides for iLO document RIBCL but do not mention that RIBCL may also be accessed via plain HTTP remotely. The URL seems to be:

http://iLO_SERVER_NAME/ribcl

where:

• iLO_SERVER_NAME is the hostname or IP address of the iLO server.

In other words, any POST request with the content type set to text/xml, with the body set to a RIBCL XML command sent to http://SERVER_NAME/ribcl will be executed by iLO. For example, to switch the server off remotely via a POST request using curl, create a file named ilo-poweroff.xml with the following contents:

<RIBCL VERSION="2.0">
         <LOGIN USER_LOGIN="iLO_USERNAME" PASSWORD="iLO_PASSWORD">
          <SERVER_INFO MODE="write">
           <!--  Modify the HOST_POWER attribute to toggle power on the host server  -->
           <!--  HOST_POWER="No"  (Turns host server power off)                      -->
           <!--  A graceful shutdown will be attempted for ACPI-aware                -->
           <!--  operating systems configured to support graceful shutdown.          -->
           <!--  HOST_POWER="Yes" (Turns host server power on)                       -->
           <SET_HOST_POWER HOST_POWER="No"/>
          </SERVER_INFO>
         </LOGIN>
</RIBCL>

and replace iLO_USERNAME and iLO_PASSWORD with the iLO web-interface username and password respectively.

Then issue the following command in the same directory:

curl -k -X POST -H "Content-Type: text/html" --data-binary "@ilo-poweroff.xml" http://iLO_SERVER_NAME/ribcl

where:

• iLO_SERVER_NAME is the hostname or IP address of the iLO server.

After SSL has been obsoleted due to being proven to be unsafe, the only way to access older ILO on older hardware is to use an older browser or an alternative browser such as Pale Moon that still maintains compatibility.

Even using Pale Moon leads to the error SSL_ERROR_NO_CYPHER_OVERLAP when browsing the ILO website.

Some ciphers have been disabled and must be re-enabled in order to be able to access the ILO interface. The following changes must be made by typing in the URL about:config and then searching for the mentioned keys and setting them to the mentioned values:

After the changes, the ILO website should be accessible with a warning.