Users Guide
Custom Client Certificate Deletion
Use the DeleteAutoDiscoveryClientCerts() method on the DCIM_LCService class to delete a client certificate and
private key.
Changing the Web Server or WS-Management Encryption Certificate and Private Key from PKCS #12
To change the certificate and key:
1. Generate a CSR and private key. The CSR needs to be signed by a CA.
2. Combine the certificate with the private key then encrypt it into a PKCS#12 file.
3. BASE64 encode the PKCS#12 file to convert it from binary to text so you can pass it as a WS-Management
parameter.
4. Copy the contents of the active certificate to an XML file.
Managing Server Certificates
To successfully perform remote operations on the server, make sure that the following prerequisites are met:
• Common Prerequisites Before Using Remote Services
• Time is set correctly on iDRAC.
The certificates on some systems have expired and have to be newly uploaded. The certificate authenticates Web GUI,
WS-Management, RACADM, Active Directory, and LDAP sessions.
To manage server certificates:
NOTE: The method restarts all Web services and closes all active sessions.
NOTE: The CA that signed the new server certificate must be added to the trusted Root CA list on all clients.
1. Create a CSR and private key (without password protection) — openssl req -new -nodes.
2. Either sign the CSR using 'openssl ca' or upload it to a signing web server.
3. Copy the certificate and private key into a file (PEM file) — cat cert.pem key.txt > cert_key.pem.
4. Convert cert_key.pem to PKCS#12 — openssl pkcs12 -export -in cert_key.pem -passout file:password.txt -out new.pfx
5. Base64-encode the PKCS#12 file — openssl base64 -in new.pfx -out new_pfx.txt.
6. Use the contents of new_pfx.txt as a parameter to the WS-Management command.
7. Invoke SetCertificateAndPrivateKey() method with the required parameters.
After the server certificate is set, the Web services restart. All sessions are closed and new WS-Management
commands must accept the new server certificate.
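The following script is an added example, not part of the original guide or Dell's code. It runs steps 1 to 5 end to end and then checks the Base64 payload before it is passed to SetCertificateAndPrivateKey(), which matters because the method restarts all Web services. The throwaway CA (signed with openssl x509 -req as a stand-in for 'openssl ca'), the subject names, the PIN and the function names are assumptions made for illustration.

```shell
#!/bin/sh
# Added example, not Dell's code. CA, subject names, PIN and function names are constructed.
set -eu
umask 077   # private keys, PIN file and PKCS#12 stay owner-only

# build_payload DIR: steps 1-5, leaving DIR/new_pfx.txt (Base64 text of the PKCS#12)
build_payload() (
    cd "$1" &&
    printf '%s\n' 'example-pin' > password.txt &&   # constructed PKCS#12 PIN
    # Throwaway self-signed CA standing in for the real CA of step 2
    openssl req -x509 -newkey rsa:2048 -nodes -days 1 -subj '/CN=Example Test CA' \
        -keyout ca_key.pem -out ca.pem 2>/dev/null &&
    # Step 1: CSR and private key without password protection
    openssl req -new -nodes -newkey rsa:2048 -subj '/CN=idrac.example.test' \
        -keyout key.txt -out req.csr 2>/dev/null &&
    # Step 2: sign the CSR
    openssl x509 -req -in req.csr -CA ca.pem -CAkey ca_key.pem -CAcreateserial \
        -days 1 -out cert.pem 2>/dev/null &&
    # Step 3: certificate followed by private key in one PEM file
    cat cert.pem key.txt > cert_key.pem &&
    # Step 4: PKCS#12; -passout sets the PIN that protects the exported file
    openssl pkcs12 -export -in cert_key.pem -passout file:password.txt -out new.pfx &&
    # Step 5: Base64 text for the WS-Management parameter
    openssl base64 -in new.pfx -out new_pfx.txt
)

# verify_payload DIR: succeeds only if new_pfx.txt decodes, opens with the PIN,
# holds a key that matches the certificate, and the certificate chains to ca.pem
verify_payload() (
    cd "$1" &&
    openssl base64 -d -in new_pfx.txt -out check.pfx &&
    openssl pkcs12 -in check.pfx -passin file:password.txt -nokeys \
        -out check_cert.pem 2>/dev/null &&
    openssl pkcs12 -in check.pfx -passin file:password.txt -nocerts -nodes \
        -out check_key.pem 2>/dev/null &&
    cert_pub=$(openssl x509 -in check_cert.pem -noout -pubkey) &&
    key_pub=$(openssl pkey -in check_key.pem -pubout) &&
    [ "$cert_pub" = "$key_pub" ] &&
    openssl verify -CAfile ca.pem check_cert.pem >/dev/null 2>&1
)

# Usage: d=$(mktemp -d); build_payload "$d" && verify_payload "$d"
```

Remove the work directory once the payload has been sent, since it holds the unencrypted private key and the PIN.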
References For Managing Server Certificates
NOTE: The sections referenced in this table contain only generic examples.