Manualshelf

Users Guide

ManualsBrandsDell ManualsActive System ManagerChassis Management Controller Version 6.10 For Dell PowerEdge M1000e
919293949596979899100
Login Type Certicate Type How to Obtain
Trusted CA certicate — This certicate is issued by a CA.
Active Directory user
login
Trusted CA certicate This certicate is issued by a CA.
Local User login SSL Certicate Generate a CSR and get it signed from a trusted CA.
NOTE: CMC ships with a default self-signed SSL server certicate.
The CMC Web server and Virtual Console use this certicate.
Related links
Secure Sockets Layer Server Certicates
Secure Sockets Layer Server Certicates
CMC includes a Web server that is congured to use the industry-standard Secure Sockets Layer (SSL) security protocol to transfer
encrypted data over the Internet. Built upon public-key and private-key encryption technology, SSL is a widely accepted technique for
providing authenticated and encrypted communication between clients and servers to prevent eavesdropping across a network.
SSL allows an SSL-enabled system to perform the following tasks:
Authenticate itself to an SSL-enabled client.
Allow the client to authenticate itself to the server.
Allow both systems to establish an encrypted connection.
This encryption process provides a high level of data protection. CMC employs the 128-bit SSL encryption standard, the most secure form
of encryption generally available for Internet browsers in North America.
The CMC Web server includes a Dell self-signed SSL digital certicate (Server ID). To ensure high security over the Internet, replace the
Web server SSL certicate by submitting a request to CMC to generate a new Certicate Signing Request (CSR).
At boot time, a new self-signed certicate is generated if:
A custom certicate is not present
A self-signed certicate is not present
The self-signed certicate is corrupt
The self-signed certicate is expired (within 30 day window)
The self-signed certicate displays the common name as <cmcname.domain-name> where cmcname is the CMC host name and domain-
name is the domain name. If domain name is not available it displays only the Partially Qualied Domain Name (PQDN), which is the CMC
host name.
Certicate Signing Request
A Certicate Signing Request (CSR) is a digital request to a certicate authority (referred to as a CA in the Web interface) for a secure
server certicate. Secure server certicates ensure the identity of a remote system and ensure that information exchanged with the
remote system cannot be viewed or changed by others. To ensure the security for your CMC, it is strongly recommended that you
generate a CSR, submit the CSR to a certicate authority, and upload the certicate returned from the certicate authority.
A certicate authority is a business entity that is recognized in the IT industry for meeting high standards of reliable screening,
identication, and other important security criteria. Examples of CAs include Thawte and VeriSign. After the certicate authority receives
your CSR, they review and verify the information the CSR contains. If the applicant meets the certicate authority’s security standards, the
94
Conguring CMC