Ignore CSR for installing wildcard certificate in IDRAC6

Question

Hi,  I want to install wildcard certificate to IDRAC6. We are managing over 200 DELL servers.  So Get CSR and publish each own certificate doesn't make sense.  Does anyone know how to ignore CSR and install wild card certificate to IDRAC6?  Command line or GUI, both make me happy.  Maybe in case of OMSA will be appreciated. Thank you.

Jim85705 · Accepted Answer

Better solution. I was able to upload a wildcard certificate to 8 of our PE R710, R715 and R815 machines. They are all iDRAC6.

The key is to increase the key length BEFORE you upload the wild card certificate.

Copy SSL Key and CRT (plus intermediate.crt files if necessary) files to Linux host that has access to RACADM utility

concat your.crt and intermediate.crt

cat your.crt intermediate.crt > combo.crt

VI the combi.crt and make sure there is a hard return between the two certificiates.

-----END CERTIFICATE-----
-----BEGIN CERTIFICATE-----

Expand the Key Size to allow for modern SSL Certificates

racadm -r 192.168.rac.addr -u root -p yourPass config -g cfgRacSecurity -o cfgRacSecCsrKeySize 2048

Upload the your Private Key

racadm -r 192.168.rac.addr -u root -p yourPass sslkeyupload -t 1 -f your.key

Upload the Combo Certificate

racadm -r 192.168.rac.addr -u root -p yourPass sslcertupload -t 1 -f combo.crt

this will cause a iDRAC reboot. it will take about 5 minutes to complete

Once done.. *.example.net certificate will work

Jim

DELL-Geoff P · Answer

Good morning, After researching the issue, the iDRAC6 does not support wild card certificates. Regards,

SMDC_001 · Answer

Thank you!

vibbow · Answer

This one worked, thanks!!!

inumio · Answer

You're a rockstar, Jim. Thanks for saving my otherwise dreary afternoon of idrac problems.

leiwand · Answer

Thank you for sharing this!

Systems Management General

Was this post helpful?