Users Guide

82 Configuring the DRAC 5 Using the Web User Interface

Securing DRAC 5 Communications Using SSL and Digital

Certificates

This subsection provides information about the following data security features that are incorporated in

your DRAC 5:

• Secure Sockets Layer (SSL)

• Certificate Signing Request (CSR)

• Accessing the SSL main menu

• Generating a new CSR

• Uploading a server certificate

• Viewing a server certificate

Secure Sockets Layer (SSL)

The DRAC includes a Web server that is configured to use the industry-standard SSL security protocol

to transfer encrypted data over the Internet. Built upon public-key and private-key encryption

technology, SSL is a widely accepted technique for providing authenticated and encrypted

communication between clients and servers to prevent eavesdropping across a network.

SSL allows an SSL-enabled system to perform the following tasks:

• Authenticate itself to an SSL-enabled client

• Allow the client to authenticate itself to the server

• Allow both systems to establish an encrypted connection

This encryption process provides a high level of data protection. The DRAC employs the 128-bit SSL

encryption standard, the most secure form of encryption generally available for Internet browsers in

North America.

The DRAC Web server includes a Dell self-signed SSL digital certificate (Server ID). To ensure high

security over the Internet, replace the Web server SSL certificate by submitting a request to the DRAC

to generate a new Certificate Signing Request (CSR).

Certificate Signing Request (CSR)

A CSR is a digital request to a Certificate Authority (CA) for a secure server certificate. Secure server

certificates ensure the identity of a remote system and ensure that information exchanged with the

remote system cannot be viewed or changed by others. To ensure the security for your DRAC, it is

strongly recommended that you generate a CSR, submit the CSR to a CA, and upload the certificate

returned from the CA.