Manualshelf

Users Guide

ManualsBrandsDell ManualsActive System ManagerChassis Management Controller Version 5.10 for Dell PowerEdge M1000E
919293949596979899100
with the remote system cannot be viewed or changed by others. Without a secure server certificate, CMC
is vulnerable to access from unauthorized users.
To obtain a secure server certificate for CMC, you must submit a Certificate Signing Request (CSR) to a
certificate authority of your choice. A CSR is a digital request for a signed, secure server certificate
containing information about your organization and a unique, identifying key.
After generating the CSR, you are prompted to save a copy to your management station or shared
network, and the unique information used to generate the CSR is stored on CMC. This information is
used later to authenticate the server certificate you receive from the certificate authority. After you
receive the server certificate from the certificate authority, you must then upload it to CMC.
NOTE: For CMC to accept the server certificate returned by the certificate authority, authentication
information contained in the new certificate must match the information that was stored on CMC
when the CSR was generated.
CAUTION: When a new CSR is generated, it overwrites any previous CSR on CMC. If a pending
CSR is overwritten before its server certificate is granted from a certificate authority, CMC does
not accept the server certificate because the information it uses to authenticate the certificate
has been lost. Take caution when generating a CSR to prevent overwriting any pending CSR.
Generating a New Certificate Signing Request Using Web Interface
To generate a CSR using the CMC Web interface:
1. In the system tree, go to Chassis Overview, and then click NetworkSSL. The SSL Main Menu is
displayed.
2. Select Generate a New Certificate Signing Request (CSR) and click Next. The Generate Certificate
Signing Request (CSR) page is displayed.
3. Type a value for each CSR attribute value.
4. Click Generate. A File Download dialog box appears.
5. Save the csr.txt file to your management station or shared network. (You may also open the file at
this time and save it later.) You must later submit this file to a certificate authority.
Generating CSR Using RACADM
To generate a CSR, use the objects in cfgRacSecurityData group to specify the values and use the
sslcsrgen command to generate the CSR. For more information, see the Chassis Management
Controller for Dell PowerEdge M1000e RACADM Command Line Reference Guide available at dell.com/
support/manuals.
Uploading Server Certificate
After generating a CSR, you can upload the signed SSL server certificate to the CMC firmware. CMC
resets after the certificate is uploaded. CMC accepts only X509, Base 64 encoded Web server certificates.
CAUTION: During the certificate upload process, CMC is not available.
NOTE: If you upload a certificate and try to view it immediately, an error message is displayed
indicating that the requested operation cannot be performed. This happens because the web server
is in the process of restarting with the new certificate. After the web server restarts, the certificate is
uploaded successfully and you can view the new certificate. After uploading a certificate, you may
experience a delay of around one minute before being able to view the uploaded certificate.
100