Dell Management Plug-in for VMware vCenter: Custom SSL/HTTPS Certificate using Microsoft Windows Certification Authority This Dell Technical white paper describes the necessary steps to generate and consume a custom SSL/HTTPS certificate for the Dell Management Plug-in using Microsoft Windows Certification Authority.
Dell Management Plug-in for VMware vCenter: Custom SSL/HTTPS Certificate using Microsoft Windows CA This document is for informational purposes only and may contain typographical errors and technical inaccuracies. The content is provided as is, without express or implied warranties of any kind. © 2012 Dell Inc. All rights reserved. Dell and its affiliates cannot be responsible for errors or omissions in typography or photography. Dell, the Dell logo, and PowerEdge are trademarks of Dell Inc.
Dell Management Plug-in for VMware vCenter: Custom SSL/HTTPS Certificate using Microsoft Windows CA Contents Introduction .............................................................................................................. 4 Audience and scope ................................................................................................... 4 Prerequisites ........................................................................................................... 4 Why use an SSL certificate? ...
Dell Management Plug-in for VMware vCenter: Custom SSL/HTTPS Certificate using Microsoft Windows CA Introduction The Dell Management Plug-in is a virtual appliance used to reduce tools and tasks associated with the management and deployment of Dell servers in your virtual environment. It reduces complexity by natively integrating the key management capabilities into the vCenter console.
Dell Management Plug-in for VMware vCenter: Custom SSL/HTTPS Certificate using Microsoft Windows CA Custom certificate attributes The virtual appliance supports a X.509 certificate with RSA 2048-bit key encryption standard and requires the certificate to be in the PEM format (http://en.wikipedia.org/wiki/X.509). Generating a CSR using the Administration Console Use the Administration Console to generate the certificate signing request (CSR). 1.
Dell Management Plug-in for VMware vCenter: Custom SSL/HTTPS Certificate using Microsoft Windows CA Figure 2. Generating the certificate signing request. 3. Provide the required information and make sure that the Common Name field contains the appliance’s FQDN/Hostname or localhost.localdomain if FQDN/Hostname is not set.
Dell Management Plug-in for VMware vCenter: Custom SSL/HTTPS Certificate using Microsoft Windows CA Figure 3. Success dialog box. 4. Click Continue, and then click Download Certificate Signing Request. 5. Copy and/or save the text from the newly opened browser tab or window.
Dell Management Plug-in for VMware vCenter: Custom SSL/HTTPS Certificate using Microsoft Windows CA Figure 4. Copy the BEGIN and END of the Certificate Request. Certificate signing using Microsoft Windows CA This section shows you how to digitally sign a CSR generated by the Administration Console using Microsoft Windows Certification Authority. This section assumes that the certification authority server has already been configured. 1.
Dell Management Plug-in for VMware vCenter: Custom SSL/HTTPS Certificate using Microsoft Windows CA Figure 5. Using Microsoft Active Directory Certificate Services. Click Advanced certificate request. Figure 6. Requesting a certificate. 3. Click Submit a certificate request by using base-64-encoded CMC or PKCS #10 file… . Figure 7. Advanced Certificate Request screen. 4. Paste the CSR text you copied in the previous procedure in the text area and submit the request.
Dell Management Plug-in for VMware vCenter: Custom SSL/HTTPS Certificate using Microsoft Windows CA Figure 8. Pasting in the certificate request. 5. On the Certification Authority server, open the Certification Authority snapshot. Figure 9. Opening the Certificate Authority snapshot. 6. Right-click the pending certificates folder and issue the certificate. Figure 10. Issuing the certificate. 7. Open the Certification Authority portal page and go to View the status of a pending certificate request.
Dell Management Plug-in for VMware vCenter: Custom SSL/HTTPS Certificate using Microsoft Windows CA 8. Download the Saved-Request Certificate to the local disk. Figure 11. Downloading the certificate. 9. To Download DER encoded certificate, click Download Certificate. 10. Convert the certificate from cert/cer format to PEM format using openssl or using the directions from the following web sites: • https://www.sslshopper.com/ssl-converter.html • http://www.bo.infn.it/alice/introgrd/certmgr/node2.
Dell Management Plug-in for VMware vCenter: Custom SSL/HTTPS Certificate using Microsoft Windows CA Figure 12. Converting SLL formats. Uploading a certificate to the virtual appliance This section provides information about how to upload the certificate, which you obtained following the instructions in the previous section, onto the virtual appliance using Administration Console. 1.
Dell Management Plug-in for VMware vCenter: Custom SSL/HTTPS Certificate using Microsoft Windows CA Figure 13. Selecting the certificate to upload. 3. Click Upload certificate. 4. After upload is complete, log out from Administration Console, refresh the browser page and re-login to establish the HTTPS session using the new certificate.