Thanks, I followed the instructions in the manual. The problem was that the dns rac name and common name weren't the same. The dns rac name was hostname and the common name was fqdn. After I set my common name to hostname I could generate and download the CSR.
Then I bumped into the next problem. Generating the CSR, requesting the certificate from the CA and uploading it to the idrac all went fine. But when I access the idrac with a browser the certificate is invalid. The error is "name on security certificate is invalid or does not match site name".
Because I use the hostname for the common name and I access the idrac with a browser on the fqdn it doesn't match. I also couldn't use the fqdn for common name and dns rac name because that wasn't allowed for the dns rac name. As to my knowledge the idrac doesn't allow me to specify subjectAltName, So I ended up using openssl to generating an CSR and a private key with hostname and fqdn. Requesting a certificate from the CA and uploading both the certificate and the key file.
Are you attempting this through the Local Racadm, or are you doing a remote racadm? If you follow this link it has a walkthrough on configuring either, and the commands needed. Have you tried the things listed here. You an also find the Racadm guide here, with additional steps in configuring and creating CSR's.
The document that Chris provided was back in 2015, and the document have been removed. Though there are 3rd party sites that have kept archive: https://dell.to/3urdqcf
ekos
3 Posts
1
November 4th, 2015 07:00
Thanks, I followed the instructions in the manual. The problem was that the dns rac name and common name weren't the same. The dns rac name was hostname and the common name was fqdn. After I set my common name to hostname I could generate and download the CSR.
Then I bumped into the next problem. Generating the CSR, requesting the certificate from the CA and uploading it to the idrac all went fine. But when I access the idrac with a browser the certificate is invalid. The error is "name on security certificate is invalid or does not match site name".
Because I use the hostname for the common name and I access the idrac with a browser on the fqdn it doesn't match. I also couldn't use the fqdn for common name and dns rac name because that wasn't allowed for the dns rac name. As to my knowledge the idrac doesn't allow me to specify subjectAltName, So I ended up using openssl to generating an CSR and a private key with hostname and fqdn. Requesting a certificate from the CA and uploading both the certificate and the key file.
DELL-Chris H
Moderator
•
9.7K Posts
0
November 4th, 2015 05:00
Ekos,
Are you attempting this through the Local Racadm, or are you doing a remote racadm? If you follow this link it has a walkthrough on configuring either, and the commands needed. Have you tried the things listed here. You an also find the Racadm guide here, with additional steps in configuring and creating CSR's.
Let me know what you see.
Parichay-Saxena
1 Rookie
•
8 Posts
0
September 29th, 2021 17:00
The link document is not currently available.
DELL-Joey C
Moderator
•
4.1K Posts
0
September 29th, 2021 22:00
Hello @Parichay-Saxena,
The document that Chris provided was back in 2015, and the document have been removed. Though there are 3rd party sites that have kept archive: https://dell.to/3urdqcf
And here a general RACADM command guide for iDRAC 8: https://dell.to/39TsTIF