Manualshelf

Users Guide

ManualsBrandsDell ManualsActive System ManagerChassis Management Controller Version 5.20 for Dell PowerEdge M1000E
81828384858687888990
Login Type Certificate Type How to Obtain
Local User login SSL Certificate Generate a CSR and get it signed from a
trusted CA
NOTE: CMC ships with a default
self-signed SSL server certificate.
The CMC Web server and Virtual
Console use this certificate.
Related links
Secure Sockets Layer (SSL) Server Certificates
Secure Sockets Layer (SSL) Server Certificates
CMC includes a Web server that is configured to use the industry-standard SSL security protocol to transfer encrypted data over
the Internet. Built upon public-key and private-key encryption technology, SSL is a widely accepted technique for providing
authenticated and encrypted communication between clients and servers to prevent eavesdropping across a network.
SSL allows an SSL-enabled system to perform the following tasks:
Authenticate itself to an SSL-enabled client.
Allow the client to authenticate itself to the server.
Allow both systems to establish an encrypted connection.
This encryption process provides a high level of data protection. CMC employs the 128-bit SSL encryption standard, the most
secure form of encryption generally available for Internet browsers in North America.
The CMC Web server includes a Dell self-signed SSL digital certificate (Server ID). To ensure high security over the Internet,
replace the Web server SSL certificate by submitting a request to CMC to generate a new Certificate Signing Request (CSR).
At boot time, a new self-signed certificate is generated if:
A custom certificate is not present
A self-signed certificate is not present
The self-signed certificate is corrupt
The self-signed certificate is expired (within 30 day window)
The self-signed certificate displays the common name as <cmcname.domain-name> where cmcname is the CMC host name and
domain-name is the domain name. If domain name is not available it displays only the Partially Qualified Domain Name (PQDN),
which is the CMC host name.
Certificate Signing Request (CSR)
A CSR is a digital request to a certificate authority (referred to as a CA in the Web interface) for a secure server certificate. Secure
server certificates ensure the identity of a remote system and ensure that information exchanged with the remote system cannot
be viewed or changed by others. To ensure the security for your CMC, it is strongly recommended that you generate a CSR, submit
the CSR to a certificate authority, and upload the certificate returned from the certificate authority.
A certificate authority is a business entity that is recognized in the IT industry for meeting high standards of reliable screening,
identification, and other important security criteria. Examples of CAs include Thawte and VeriSign. After the certificate authority
receives your CSR, they review and verify the information the CSR contains. If the applicant meets the certificate authority’s
security standards, the certificate authority issues a certificate to the applicant that uniquely identifies that applicant for
transactions over networks and on the Internet.
After the certificate authority approves the CSR and sends you a certificate, you must upload the certificate to the CMC firmware.
The CSR information stored on the CMC firmware must match the information contained in the certificate.
NOTE: To configure SSL settings for CMC, you must have Chassis Configuration Administrator privilege.
84