Skip to main content
Start a Conversation

Unsolved

This post is more than 5 years old

Aaron Mahler

1 Message

60915

September 10th, 2010 18:00

iDRAC 6/CMC SSL Certificate Upload - What Format!?

 

 Does anyone have any idea what format I need to be using to provide a pre-existing wildcard (*.noc.sbc.edu) SSL certificate and key to my M1000e's CMC and iDRACs? Nothing I try works including zillions of conversions involving X509, Base 64 encoding, etc.

  Here's what I have:

- Wildcard, CA-supplied CERT in PEM format (being used on other servers in this sub-domain just fine)

- Intermediate CERT in PEM format

- Key file which I can provide in de-crypted format to eliminate need for password

 The CMC wants me to provide a certificate file and key file uploaded through the browser. Everything I try gives me a wonderfully helpful "Bad Type" or "Bad Format" with zero details. The documentation for the CMC and the iDRAC units is worthless in this regard simply saying it wants it X509 and Base-64 encoded which leaves, thanks to all the variations in SSL cert standards, a blue million possibilities. 

  I've been running them through openssl tons of ways creating different permutations without coming up with a format the system likes. I don't know if it's the format I'm choosing, a dislike of chained intermediates, or the alignment of the planets... but there is just so little detail and so many possible ways to do this wrong that I'm thoroughly frustrated. 

  Any help would be truly appreciated.

 - Aaron

jjmil03

1 Message

April 14th, 2015 06:00

I also have the same question. I can't use the automatic CSR generation becuase it doesn't put in a Server Alternate Name for the IP Address, so the web browser still doesn't like it. Thanks for any help!

Jon

DELL-Shine K

4 Operator

 • 

3K Posts

April 14th, 2015 07:00

You can use below racadm commands to upload SSL certificate using key and certificate.

      1: Upload private key to iDRAC

                         racadm sslkeyupload -f

               2: Upload the signed certificate.

                       racadm sslcertupload -t 1 -f

kev1006

10 Posts

May 17th, 2016 19:00

I'm really trying to figure out how to create a SHA2 signed certificate for the iDRAC 6. I searched everything I could imagine in Google and Bing then though of just creating on with OpenSSL so I ended up at this thread. If there is an easier way to generate a SHA2 certificate, please let me know.

Following Dell-Shine's instructions:

How do I get my private and public keys uploaded to the DRAC?

drchris2

6 Posts

August 8th, 2017 16:00

Generated a SHA2 on the latest firmware and uploaded an x509 cert only (not intermediate) from the CSR and it worked just fine in the GUI. I did try to upload a bundle the first time, though, and it threw the same error as you got.

View More

View All

No Events found!

Top