User's Manual
70 Configuring the iDRAC Using the Web Interface
The iDRAC Web server has a Dell self-signed SSL digital certificate (Server
ID) by default. To ensure high security over the Internet, replace the Web
server SSL certificate with a certificate signed by a well-known certificate
authority. To initiate the process of obtaining a signed certificate, you can use
the iDRAC Web interface to generate a Certificate Signing Request (CSR)
with your company’s information. You can then submit the generated CSR to
a CA such as VeriSign or Thawte.
Certificate Signing Request (CSR)
A CSR is a digital request to a Certificate Authority (CA) for a secure server
certificate. Secure server certificates allow clients of the server to trust the
identity of the server they have connected to and to negotiate an encrypted
session with the server.
A Certificate Authority is a business entity that is recognized in the IT
industry for meeting high standards of reliable screening, identification, and
other important security criteria. Examples of CAs include Thawte and
VeriSign. After the CA receives a CSR, they review and verify the information
the CSR contains. If the applicant meets the CA’s security standards, the CA
issues a digitally-signed certificate that uniquely identifies that applicant for
transactions over networks and on the Internet.
After the CA approves the CSR and sends the certificate, upload the
certificate to the iDRAC firmware. The CSR information stored on the
iDRAC firmware must match the information contained in the certificate.
Accessing the SSL Main Menu
1
Click
System
→
Remote Access
→
iDRAC
, then click the
Network/Security
tab.
2
Click
SSL
to open the
SSL Main Menu
page.
Use the SSL Main Menu page to generate a CSR to send to a CA. The CSR
information is stored on the iDRAC firmware.
Table 5-12 describes the options available when generating a CSR.
Table 5-13 describes the available buttons on the SSL Main Menu page.