Installation Manual

ManualsBrandsTechMikeNY ManualsComputers & AccessoriesTechMikeNY High-End PowerEdge R620 Server 2X 2.90Ghz E5-2690 8C 384GB 8X 512GB SSD (Certified Refurbished)

is called a wildcard certificate. If a wildcard CSR is generated outside of iDRAC, you can have a signed single wildcard

SSL certificate that you can upload for multiple iDRACs and all the iDRACs are trusted by the supported browsers. While

connecting to iDRAC Web interface using a supported browser that supports a wildcard certificate, the iDRAC is trusted

by the browser. While launching viewers, the iDRACs are trusted by the viewer clients.

Related Links

Generating a New Certificate Signing Request

Uploading Server Certificate

Viewing Server Certificate

Uploading Custom Signing Certificate

Downloading Custom SSL Certificate Signing Certificate

Deleting Custom SSL Certificate Signing Certificate

Generating a New Certificate Signing Request

A CSR is a digital request to a Certificate Authority (CA) for a SSL server certificate. SSL server certificates allow clients

of the server to trust the identity of the server and to negotiate an encrypted session with the server.

After the CA receives a CSR, they review and verify the information the CSR contains. If the applicant meets the CA’s

security standards, the CA issues a digitally-signed SSL server certificate that uniquely identifies the applicant’s server

when it establishes SSL connections with browsers running on management stations.

After the CA approves the CSR and issues the SSL server certificate, it can be uploaded to iDRAC7. The information used

to generate the CSR, stored on the iDRAC7 firmware, must match the information contained in the SSL server certificate,

that is, the certificate must have been generated using the CSR created by iDRAC7.

Related Links

SSL Server Certificates

Generating CSR Using Web Interface

To generate a new CSR:

NOTE: Each new CSR overwrites any previous CSR data stored in the firmware. The information in the CSR must

match the information in the SSL server certificate. Else, iDRAC7 does not accept the certificate.

1. In the iDRAC7 Web interface, go to Overview → iDRAC Settings → Network → SSL, select Generate a New

Certificate Signing Request (CSR) and click Next.

The Generate a New Certificate Signing Request page is displayed.

2. Enter a value for each CSR attribute.

For more information, see

iDRAC7 Online Help

.

3. Click Generate.

A new CSR is generated. Save it to the management station.

Generating CSR Using RACADM

To generate a CSR using RACADM, use the objects in the cfgRacSecurity group with the config command or use the

objects in the iDRAC.Security group with the set command, and then use the sslcsrgen command to generate the CSR.

For more information, see the

RACADM Command Line Reference Guide for iDRAC7 and CMC

available at dell.com/

support/manuals.

Uploading Server Certificate

After generating a CSR, you can upload the signed SSL server certificate to the iDRAC7 firmware. iDRAC7 resets after

the certificate is uploaded. iDRAC7 accepts only X509, Base 64 encoded Web server certificates. SHA-2 certificates are

also supported.

85