Deployment Guide
Table Of Contents
- Dell Security Management Server Installation and Migration Guide v10.2.13
- Introduction
- Requirements and Architecture
- Pre-Installation Configuration
- Install or Upgrade/Migrate
- Post-Installation Configuration
- Administrative Tasks
- Ports
- SQL Server Best Practices
- Certificates
8. Import the converted signing authority certificate. Return to the command prompt. Type:
keytool -import -trustcacerts -file <csr-filename> -keystore cacerts
9. Now that the signing authority certificate has been imported, the server certificate can be imported (the chain of trust can
be established). Type:
keytool -import -alias sslkey -file <csr-filename> -keystore cacerts
Use the alias of the self-signed certificate to pair the CSR request with the server certificate.
10. A listing of the cacerts file shows that the server certificate has a certificate chain length of 2, which indicates that the
certificate is not self-signed. Type:
keytool -list -v -keystore cacerts
The certificate fingerprint of the second certificate in the chain is the imported signing authority certificate (which is also
listed below the server certificate in the listing).
Export a Certificate to .PFX Using the Certificate
Management Console
Once you have a certificate in the form of a .crt file in the MMC, it must be converted to a .pfx file for use with Keytool when
the Security Server is used in DMZ mode and when importing a Dell Manager certificate into the Server Configuration Tool.
1. Open the Microsoft Management Console.
2. Click File > Add/Remove Snap-in.
3. Click Add.
4. At the Add Standalone Snap-in window, select Certificates and click Add.
5. Select Computer Account and click Next.
6. At the Select Computer window, select Local computer (the computer this console is running on) and click Finish.
7. Click Close.
8. Click OK.
9. In the Console Root folder, expand Certificates (Local Computer).
10. Go to the Personal folder and locate the desired certificate.
92
Certificates