Users Guide
Using iDRAC6 With Microsoft Active Directory 141
4
In the
Console 1
(MMC) window, click
File (
or
Console
on Windows 2000
systems
)
and select
Add/Remove Snap-in
.
5
In the
Add/Remove Snap-In
window, click
Add
.
6
In the
Standalone Snap-In
window, select
Certificates
and click
Add
.
7
Select
Computer
account and click
Next
.
8
Select
Local Computer
and click
Finish
.
9
Click
OK
.
10
In the
Console 1
window, expand the
Certificates
folder, expand the
Personal
folder, and click the
Certificates
folder.
11
Locate and right-click the root CA certificate, select
All Tasks
, and click
Export...
12
In the
Certificate Export Wizard
, click
Next
, and select
No do not export
the private key
.
13
Click
Next
and select
Base-64 encoded X.509 (.cer)
as the format.
14
Click
Next
and save the certificate to a directory on your system.
15
Upload the certificate you saved in step 14 to iDRAC6.
To upload the certificate using RACADM, see "Configuring Active
Directory With Standard Schema Using RACADM."
To upload the certificate using the Web-based interface, see "Configuring
Active Directory With Standard Schema Using the iDRAC6 Web-Based
Interface."
Importing the iDRAC6 Firmware SSL Certificate
NOTE: If the Active Directory Server is set to authenticate the client during an SSL
session initialization phase, you need to upload the iDRAC6 Server certificate to the
Active Directory Domain controller as well. This additional step is not required if the
Active Directory does not perform a client authentication during an SSL session’s
initialization phase.
Use the following procedure to import the iDRAC6 firmware SSL certificate
to all domain controller trusted certificate lists.
NOTE: If your system is running Windows 2000, the following steps may vary.
NOTE: If the iDRAC6 firmware SSL certificate is signed by a well-known CA and the
certificate of that CA is already in the domain controller's Trusted Root Certificate
Authority list, you are not required to perform the steps in this section.