19 Posts
0
15472
ERROR: an invalid certificate is uploaded
Hello.
I try to upload remotly an SSL LDAP certificat on a DELL server, by using the "racadm sslcertupload" command, but this one generate the following error:
ERROR Failed to upload the Certificate ERROR: an invalid certificate is uploaded.
Command used (as root) to upload the certificat:
/opt/dell/srvadmin/sbin/racadm sslcertupload -t2 -f My_cert.pem
Content of my certificat file:
cat My_cert.pem -----BEGIN CERTIFICATE----- MIICYjCCAcugAwIBAgIIfyYwndGFSP0wDQYJKoZIhvcNAQEFBQAwQTEZMBcGA1UE .......... ....... ......... oYTAFUR+tEEWS7igxvoYrOPu+fAZ4oliN59qoB8h2+2XJ9FVCek= -----END CERTIFICATE-----
PS1: The used certificat is certified by an athority of certification (CA).
PS2: I have created also an auto -certified certificate and used it, but I have the same error.
ENV:
OS: RedHat/CentOS 7.
Hardware: DELL PowerEdge R740xd
Do you know how to resolve the problem please?
Cordially.
Liloulinx
Liloulinx
19 Posts
0
October 3rd, 2018 02:00
Hello.
Finally the problem is resolved by updating the firmware (or juste by the RESET of the iDRAC).
Thank you
Liloulinx
19 Posts
0
September 25th, 2018 04:00
Other nedded information :
- System Model = PowerEdge R740xd
- Firmware Version = 3.21.21.21
- Firmware Build = 30
- Last Firmware Update = 06/14/2018 09:07:38
- Hardware Version = 0.01
- System BIOS Version = 1.4.5
DELL-Shine K
4 Operator
4 Operator
•
3K Posts
0
September 25th, 2018 05:00
While uploading LDAP SSL certificate to iDRAC you need to upload Root CA Certificate from where certificate is created for LDAP server. You also need to use Base64 format for certificate while trying to upload certificate to iDRAC
DELL-Shine K
4 Operator
4 Operator
•
3K Posts
0
September 25th, 2018 06:00
Yes keep it on same folder where racadm commands are executed. You can also provide absolute path of certificate file in racadm command
Liloulinx
19 Posts
0
September 25th, 2018 06:00
Thank you DELL-Shine K for you answer.
I have question about your answer.
Where upload this certificat, in the same folder as this of the script containing the "racadm sslcertupload ..." command ?
I think that it's the cas because it contains some characteres as = / and +.
Liloulinx
19 Posts
0
September 25th, 2018 08:00
I have copied the CA cert to my current directory and run the racadm command but it gave me the same error:
For the second suggestion, can you give me please the syntaxe to use to provide an absolute path of CA cert. I have used the -k but it doesn't work.
DELL-Shine K
4 Operator
4 Operator
•
3K Posts
0
September 25th, 2018 09:00
Can you check below points
You can try below command with correct option and filename
"sudo /opt/dell/srvadmin/sbin/racadm sslcertupload -t 2 -f my_ca_certificat.pem"
For obsolete path you need to mention "-f /etc/openldap/cacerts/my_ca_certificat.pem". There is no need to have -k option
Liloulinx
19 Posts
0
September 26th, 2018 00:00
Good morning DELL-Shine K
Yes I used "My_cert_file" because it is the certificate that I want to upload.
"my_ca_certificat.pem" is the certificate used to certify "My_cert_file" .
I think that we can use "-t2" with or without space.
So after "-f" I think that it is not "my_ca_certificat.pem" that must be used but "My_cert_file".
But, as I said in my previous post, when I use the following command "sudo /opt/dell/srvadmin/sbin/racadm sslcertupload -t 2 -f My_cert_file" it generate an error.
DELL-Shine K
4 Operator
4 Operator
•
3K Posts
0
September 26th, 2018 01:00
-t 2 option is for uploading certificate to iDRAC for AD/LDAP authentication. Here you need to upload root CA certificate which is used to sign AD/LDAP Server certificate. For AD/LDAP login there is no need to create a certificate for iDRAC and upload.
Liloulinx
19 Posts
0
September 26th, 2018 02:00