Users Guide
66 Configuring the iDRAC6 Using the Web Interface
An SSL-enabled system can perform the following tasks:
• Authenticate itself to an SSL-enabled client
• Allow the client to authenticate itself to the server
• Allow both systems to establish an encrypted connection
The encryption process provides a high level of data protection. The iDRAC6
employs the 128-bit SSL encryption standard, the most secure form of
encryption generally available for Internet browsers in North America.
The iDRAC6 Web server has a Dell self-signed SSL digital certificate (Server
ID) by default. To ensure high security over the Internet, replace the Web
server SSL certificate with a certificate signed by a well-known certificate
authority. To initiate the process of obtaining a signed certificate, you can use
the iDRAC6 Web interface to generate a Certificate Signing Request (CSR)
with your company’s information. You can then submit the generated CSR to
a Certificate Authority (CA) such as VeriSign or Thawte.
Certificate Signing Request (CSR)
A CSR is a digital request to a CA for a secure server certificate. Secure server
certificates allow clients of the server to trust the identity of the server they
have connected to and to negotiate an encrypted session with the server.
A Certificate Authority is a business entity that is recognized in the IT
industry for meeting high standards of reliable screening, identification, and
other important security criteria. Examples of CAs include Thawte and
VeriSign. After the CA receives a CSR, they review and verify the information
the CSR contains. If the applicant meets the CA’s security standards, the CA
issues a digitally-signed certificate that uniquely identifies that applicant for
transactions over networks and on the Internet.
After the CA approves the CSR and sends the certificate, upload the
certificate to the iDRAC6 firmware. The CSR information stored on the
iDRAC6 firmware must match the information contained in the certificate.