Users Guide
Using the iDRAC6 Directory Service 175
Authority (CA)—the root certificate of which is also uploaded into the
iDRAC. In other words, for iDRAC to be able to authenticate to any domain
controller—whether it is the root or the child domain controller—that
domain controller should have an SSL-enabled certificate signed by the
domain’s CA.
If you are using Microsoft Enterprise Root CA to automatically assign all your
domain controllers to an SSL certificate, perform the following steps to
enable SSL on each domain controller:
1
Enable SSL on each of your domain controllers by installing the SSL
certificate for each controller.
a
Click
Start
→
Administrative Tools
→
Domain Security Policy
.
b
Expand the
Public Key Policies
folder, right-click
Automatic
Certificate Request Settings
and click
Automatic Certificate
Request
.
c
In the
Automatic Certificate Request Setup Wizard
, click
Next
and
select
Domain Controller
.
d
Click
Next
and click
Finish
.
Exporting the Domain Controller Root CA Certificate to the iDRAC6
NOTE: If your system is running Windows 2000, the following steps may vary.
NOTE: If you are using a standalone CA, the following steps may vary.
1
Locate the domain controller that is running the Microsoft Enterprise
CA service.
2
Click
Start
→
Run
.
3
In the
Run
field, type
mmc
and click
OK
.
4
In the
Console 1
(MMC) window, click
File (
or
Console
on Windows 2000
systems
)
and select
Add/Remove Snap-in
.
5
In the
Add/Remove Snap-In
window, click
Add
.
6
In the
Standalone Snap-In
window, select
Certificates
and click
Add
.
7
Select
Computer
account
and click
Next
.
8
Select
Local Computer
and click
Finish
.
9
Click
OK
.