Manualshelf

Users Guide

ManualsBrandsDell ManualsActive System ManagerChassis Management Controller Version 5.0 For Dell PowerEdge M1000E
919293949596979899100
Generating a New Certificate Signing Request
To ensure security, it is strongly recommended that you obtain and upload a secure server certificate to
CMC. Secure server certificates ensure the identity of a remote system and that information exchanged
with the remote system cannot be viewed or changed by others. Without a secure server certificate, CMC
is vulnerable to access from unauthorized users.
To obtain a secure server certificate for CMC, you must submit a Certificate Signing Request (CSR) to a
certificate authority of your choice. A CSR is a digital request for a signed, secure server certificate
containing information about your organization and a unique, identifying key.
After generating the CSR, you are prompted to save a copy to your management station or shared
network, and the unique information used to generate the CSR is stored on CMC. This information is
used later to authenticate the server certificate you receive from the certificate authority. After you
receive the server certificate from the certificate authority, you must then upload it to CMC.
NOTE: For CMC to accept the server certificate returned by the certificate authority, authentication
information contained in the new certificate must match the information that was stored on CMC
when the CSR was generated.
CAUTION: When a new CSR is generated, it overwrites any previous CSR on CMC. If a pending
CSR is overwritten before its server certificate is granted from a certificate authority, CMC does
not accept the server certificate because the information it uses to authenticate the certificate
has been lost. Take caution when generating a CSR to prevent overwriting any pending CSR.
Generating a New Certificate Signing Request Using Web Interface
To generate a CSR using the CMC Web interface:
1. In the system tree, go to Chassis Overview, and then click NetworkSSL. The SSL Main Menu is
displayed.
2. Select Generate a New Certificate Signing Request (CSR) and click Next. The Generate Certificate
Signing Request (CSR) page is displayed.
3. Type a value for each CSR attribute value.
4. Click Generate. A File Download dialog box appears.
5. Save the csr.txt file to your management station or shared network. (You may also open the file at
this time and save it later.) You must later submit this file to a certificate authority.
Generating CSR Using RACADM
To generate a CSR, use the objects in cfgRacSecurityData group to specify the values and use the
sslcsrgen command to generate the CSR. For more information, see the Chassis Management
Controller for Dell PowerEdge M1000e RACADM Command Line Reference Guide available at dell.com/
support/manuals.
Uploading Server Certificate
After generating a CSR, you can upload the signed SSL server certificate to the CMC firmware. CMC
resets after the certificate is uploaded. CMC accepts only X509, Base 64 encoded Web server certificates.
CAUTION: During the certificate upload process, CMC is not available.
98