Reference Guide

sslcsrgen

Description Generates and downloads a certificate signing request (CSR) file to the client’s local file system. The CSR can

be used for creating a custom SSL certificate that can be used for SSL transactions on iDRAC.

To run this subcommand, you must have the Configure iDRAC privilege.

Synopsis

• racadm sslcsrgen -g

• racadm sslcsrgen [-g] [-f <filename>]

• racadm sslcsrgen -s

Input

• -g — Generates a new CSR.

• -s — Returns the status of a CSR generation process (generation in progress, active, or none).

• -f — Specifies the filename of the location, <filename>, where the CSR is downloaded.

NOTE:

•

If the -f option is not specified, the filename defaults to sslcsr in your current directory.

• The -f option is only supported on the remote interface(s).

Output If no options are specified, a CSR is generated and downloaded to the local file system as sslcsr by default. The

-g option cannot be used with the -s option, and the -f option can only be used with the -g option.

The sslcsrgen -s subcommand returns one of the following status codes:

• CSR was generated successfully.

• CSR does not exist.

Example

• Display current status of CSR operation:

racadm sslcsrgen -s

racadm sslcsrgen -g -f c:\csr\csrtest.txt

• Generate and download a CSR to local file system:

racadm -r 192.168.0.120 -u root -p calvin sslcsrgen -g -f csrtest.txt

NOTE: Before a CSR can be generated, the CSR fields must be configured in the RACADM iDRAC.Security group.

For example:

racadm set iDRAC.security.commonname MyCompany

NOTE: In Telnet or SSH console, you can only generate and not download the CSR file.

sslkeyupload

Description

Uploads SSL key from the client to iDRAC.

To run this subcommand, you must have the Server Control privilege.

Synopsis

racadm sslkeyupload -t <type> -f <filename>

Input

• -t — Specifies the key to upload. The value is:

– 1 — SSL key used to generate the server certificate.

• -f — Specifies the filename of the SSL key that must be uploaded.