Unsolved
This post is more than 5 years old
6 Posts
0
25513
sslcsrgen via firmware racadm (ssh) on iDRAC8
Hello,
I like the fact that most racadm subcommands can be used via SSH as this makes scripting easier when no racadm tool needs to be distributed. Looking in the documentation I also see that sslcsrgen is supported via SSH interface, and it also seems to do anything.
However I have no idea how to get the CSR message. (It could be printed to the output but it is not). With a remote racadm command the sslcsrgen safes to a local file. But I guess otherwise it is stored somewhere in the iDRAC - how can I access it?
I reallly like the
DELL-Shine K
4 Operator
4 Operator
•
3K Posts
0
April 29th, 2015 21:00
Using SSH you can only initiate CSR generation. File will be generated in iDRAC. For downloading CSR file you have to use below racadm command from local or remote racadm interface.
racadm sslcsrgen -f
For more information you can refer Racadm CLI Guide. Link given below
http://topics-cdn.dell.com/pdf/integrated-dell-remote-access-cntrllr-8-with-lifecycle-controller-v2.00.00.00_Reference%20Guide2_en-us.pdf
Eckes
6 Posts
0
April 30th, 2015 10:00
Thanks for the confirmation!
This is very unfortunate, since installing and maintaining racadm is somewhat of a pain. With remote ssh connection iDRAC is so smooth to use (and with ssh multiplexing even quite fast). It is a pitty the CSR is not "printed" or can be downloaded by a url or scp. Especially as the file is obviously present as such.
BTW: just a nitpick, the CSR gui should be really updated for subjectAlternativeName attributes instead of the old CN method.
DELL-Shine K
4 Operator
4 Operator
•
3K Posts
0
May 1st, 2015 21:00
Currenlty iDRAC does not support "subjectAlternativeName" as part of CSR generation. But there is another way you can achieve this. You can create CSR and certificate outside iDRAC with all fields as per your requirement and later upload private key and certificate to iDRAC. If you do not want to install racadm you can achieve the above using WSMAN.