Users Guide
Using the iDRAC6 With Microsoft Active Directory 165
12
In the
Certificate Export Wizard
, click
Next
, and select
No do not export
the private key
.
13
Click
Next
and select
Base-64 encoded X.509 (.cer)
as the format.
14
Click
Next
and save the certificate to a directory on your system.
15
Upload the certificate you saved in step 14 to the iDRAC.
To upload the certificate using RACADM, see "Configuring Active
Directory With Extended Schema Using the iDRAC6 Web-Based
Interface" or "Configuring Active Directory With Standard Schema Using
RACADM."
To upload the certificate using the Web-based interface, see "Configuring
Active Directory With Extended Schema Using the iDRAC6 Web-Based
Interface" or "Configuring Active Directory With Standard Schema Using
the iDRAC6 Web-Based Interface."
Importing the iDRAC6 Firmware SSL Certificate
NOTE: If the Active Directory Server is set to authenticate the client during an SSL
session initialization phase, you need to upload the iDRAC Server certificate to the
Active Directory Domain controller as well. This additional step is not required if the
Active Directory does not perform a client authentication during an SSL session’s
initialization phase.
Use the following procedure to import the iDRAC6 firmware SSL certificate
to all domain controller trusted certificate lists.
NOTE: If your system is running Windows 2000, the following steps may vary.
NOTE: If the iDRAC6 firmware SSL certificate is signed by a well-known CA and the
certificate of that CA is already in the domain controller's Trusted Root Certificate
Authority list, you are not required to perform the steps in this section.
The iDRAC SSL certificate is the identical certificate used for the
iDRAC Web server. All iDRAC controllers are shipped with a default
self-signed certificate.
To download the iDRAC SSL certificate, run the following RACADM command:
racadm sslcertdownload -t 0x1 -f <RAC SSL certificate>
1
On the domain controller, open an
MMC Console
window and select
Certificates
→
Trusted Root Certification Authorities
.
2
Right-click
Certificates
, select
All Tasks
and click
Import
.