Manualshelf

Users Guide

ManualsBrandsDell ManualsC SeriesPowerEdge FC430
919293949596979899100
NOTE: Each new CSR overwrites any previous CSR data stored in the firmware. The information in the CSR must match
the information in the SSL server certificate. Else, iDRAC does not accept the certificate.
1. In the iDRAC Web interface, go to Overview > iDRAC Settings > Network > SSL, select Generate Certificate Signing
Request (CSR) and click Next.
The Generate a New Certificate Signing Request page is displayed.
2. Enter a value for each CSR attribute.
For more information, see iDRAC Online Help.
3. Click Generate.
A new CSR is generated. Save it to the management station.
Generating CSR using RACADM
To generate a CSR using RACADM, use the set command with the objects in the iDRAC.Security group, and then use the
sslcsrgen command to generate the CSR.
For more information, see the iDRAC RACADM Command Line Interface Reference Guide available at dell.com/idracmanuals.
Uploading server certificate
After generating a CSR, you can upload the signed SSL server certificate to the iDRAC firmware. iDRAC must be reset to apply
the certificate. iDRAC accepts only X509, Base 64 encoded Web server certificates. SHA-2 certificates are also supported.
CAUTION: During reset, iDRAC is not available for a few minutes.
Related concepts
SSL server certificates on page 94
Uploading server certificate using web interface
To upload the SSL server certificate:
1. In the iDRAC Web interface, go to Overview > iDRAC Settings > Network > SSL, select Upload Server Certificate and
click Next.
The Certificate Upload page is displayed.
2. Under File Path, click Browse and select the certificate on the management station.
3. Click Apply.
The SSL server certificate is uploaded to iDRAC.
4. A pop-up message is displayed asking you to reset iDRAC immediately or at a later time. Click Reset iDRAC or Reset
iDRAC Later as required.
iDRAC resets and the new certificate is applied. The iDRAC is not available for a few minutes during the reset.
NOTE: You must reset iDRAC to apply the new certificate. Until iDRAC is reset, the existing certificate is active.
Uploading server certificate using RACADM
To upload the SSL server certificate, use the sslcertupload command. For more information, see the RACADM Command
Line Reference Guide for iDRAC available at dell.com/idracmanuals.
If the CSR is generated outside of iDRAC with a private key available, then to upload the certificate to iDRAC:
1. Send the CSR to a well-known root CA. CA signs the CSR and the CSR becomes a valid certificate.
2. Upload the private key using the remote racadm sslkeyupload command.
3. Upload the signed certificate to iDRAC using the remote racadm sslcertupload command.
The new certificate is uploaded iDRAC. A message is displayed asking you to reset iDRAC.
4. Run the racadm racreset command to reset iDRAC.
iDRAC resets and the new certificate is applied. The iDRAC is not available for a few minutes during the reset.
NOTE: You must reset iDRAC to apply the new certificate. Until iDRAC is reset, the existing certificate is active.
96 Configuring iDRAC