Manualshelf

Setup Guide

ManualsBrandsDell ManualsConverged InfrastructureSecurity Solution Resources
41424344454647484950
Next Generation KeySecure (k170v)
43 Enable OpenManage Secure Enterprise Key Manager (SEKM) on Dell EMC PowerEdge Servers
4.3 Set up SEKM on iDRAC
Licensing and firmware update
SEKM is a licensed feature with the iDRAC Enterprise or Data Center license as a pre-requisite. To avoid an
additional iDRAC firmware update, it is recommended that the SEKM license is installed first and then the
iDRAC firmware updated to a version that supports SEKM. This is because an iDRAC firmware update is
always required after the SEKM license is installed irrespective of whether the existing firmware version
supports SEKM or not. The existing interface methods for installing license and firmware update can be used
for SEKM.
Set up SSL certificate
The SEKM solution mandates two-way authentication between the iDRAC and the KMS. iDRAC
authentication requires generating a CSR on the iDRAC and then getting it signed by a CA on the KMS and
uploading the signed certificate to iDRAC. For KMS authentication, the KMS CA certificate must be uploaded
to iDRAC.
4.4 Configure SEKM by using the iDRAC GUI
For the Key Management Server, this workflow will be using the Next Generation KeySecure as the Key
Management Server (KMS).
1. Start iDRAC by using any supported browser.
2. Click iDRAC Settings Services.