Manualshelf

Users Guide

ManualsBrandsDell ManualsActive System ManagerChassis Management Controller Version 5.10 for Dell PowerEdge M1000E
281282283284285286287288289290
Managing and Recovering a Remote System
While accessing the CMC Web interface, a security warning stating that the host name of the SSL
certificate does not match the host name of CMC is displayed.
CMC includes a default CMC server certificate to ensure network security for the Web interface and
remote RACADM features. When this certificate is used, the Web browser displays a security warning
because the default certificate is issued to CMC default certificate which does not match the host name
of CMC (for example, the IP address).
To address this security concern, upload a CMC server certificate issued to the IP address of CMC. When
generating the certificate signing request (CSR) to be used for issuing the certificate, ensure that the
common name (CN) of the CSR matches the IP address of CMC (for example, 192.168.0.120) or the
registered DNS CMC name.
To ensure that the CSR matches the registered DNS CMC name:
1. In the CMC Web interface, go to the System tree, click Chassis Overview.
2. Click the Network tab, and then click Network.
The Network Configuration page appears.
3. Select the Register CMC on DNS option.
4. Type the CMC name in the DNS CMC Name field.
5. Click Apply Changes.
For more information about generating CSRs and issuing certificates, see Obtaining Certificates.
Why are the remote RACADM and Web-based services unavailable after a property change?
It may take some time for the remote RACADM services and the Web interface to become available
after the CMC Web server resets. The CMC Web server is reset after the following occurrences:
Changing the network configuration or network security properties using the CMC Web interface.
The cfgRacTuneHttpsPort property is changed (including when a config -f <config file>
command changes it).
racresetcfg is used or a chassis configuration backup is restored.
CMC is reset.
A new SSL server certificate is uploaded.
The DNS server does not register my CMC.
Some DNS servers only register names with a maximum of 31 characters.
When accessing the CMC Web interface, a security warning stating that the SSL certificate was
issued by a certificate authority that is not trusted is displayed.
CMC includes a default CMC server certificate to ensure network security for the Web interface and
remote RACADM features. This certificate is not issued by a trusted certificate authority. To address
this security concern, upload a CMC server certificate issued by a trusted certificate authority (such
as Thawte or Verisign). For more information about certificates, see Obtaining Certificates.
286