Installation Manual
352 Configuring Security Features
An SSL-enabled system:
• Authenticates itself to an SSL-enabled client
• Allows the client to authenticate itself to the server
• Allows both systems to establish an encrypted connection
This encryption process provides a high level of data protection. The iDRAC6
employs the 128-bit SSL encryption standard, the most secure form of
encryption generally available for Internet browsers in North America.
The iDRAC6 Web server includes a Dell self-signed SSL digital certificate
(Server ID). To ensure high security over the Internet:
1
Replace the default Web server SSL certificate with a valid certificate from
a Certificate Authority(CA).
2
Generate a Certificate Signing Request(CSR) by submitting a request to
the iDRAC6.
3
Provide the CSR to the Certificate Authority(CA) to get a valid certificate.
Certificate Signing Request (CSR)
A CSR is a digital request to a Certificate Authority (CA) for a secure server
certificate. Secure server certificates protect the identity of a remote system
and ensure that information exchanged with the remote system cannot be
viewed or changed by others. To ensure security for your DRAC, it is strongly
recommended that you generate a CSR, submit the CSR to a CA, and upload
the certificate returned from the CA.
A CA is a business entity that is recognized in the IT industry for meeting
high standards of reliable screening, identification, and other important
security criteria. Examples of CAs include Thawte and VeriSign. After the
CA receives your CSR, they review and verify the information the CSR
contains. If the applicant meets the CA’s security standards, the CA issues a
certificate to the applicant that uniquely identifies that applicant for
transactions over networks and on the Internet.
After the CA approves the CSR and sends you a certificate, you must upload
the certificate to the iDRAC6 firmware. The CSR information stored on the
iDRAC6 firmware must match the information contained in the certificate.