Highlighted
SMDC_001
Copper

Ignore CSR for installing wildcard certificate in IDRAC6

Jump to solution

Hi,

 I want to install wildcard certificate to IDRAC6. We are managing over 200 DELL servers.

 So Get CSR and publish each own certificate doesn't make sense.

 Does anyone know how to ignore CSR and install wild card certificate to IDRAC6?

 Command line or GUI, both make me happy.

 Maybe in case of OMSA will be appreciated.

Thank you.

0 Kudos
5 Replies
Moderator
Moderator

Re: Ignore CSR for installing wildcard certificate in IDRAC6

Jump to solution

Good morning,

After researching the issue, the iDRAC6 does not support wild card certificates.

Regards,

Geoff P
Dell | Social Outreach Services - Enterprise


Download the Dell Quick Resource Locator app today to access PowerEdge support content on your mobile device!
(iOS, Android, Windows)

0 Kudos
SMDC_001
Copper

Re: Ignore CSR for installing wildcard certificate in IDRAC6

Jump to solution

Thank you!

0 Kudos
Jim85705
Copper

RE: Ignore CSR for installing wildcard certificate in IDRAC6

Jump to solution

Better solution.  I was able to upload a wildcard certificate to 8 of our PE R710, R715 and R815 machines.  They are all iDRAC6.


The key is to increase the key length BEFORE you upload the wild card certificate.

Copy SSL Key and CRT (plus intermediate.crt files if necessary) files to Linux host that has access to RACADM utility

concat your.crt and intermediate.crt

cat your.crt intermediate.crt > combo.crt

VI the combi.crt and make sure there is a hard return between the two certificiates.

-----END CERTIFICATE-----
-----BEGIN CERTIFICATE-----

Expand the Key Size to allow for modern SSL Certificates

racadm -r 192.168.rac.addr -u root -p yourPass config -g cfgRacSecurity -o cfgRacSecCsrKeySize 2048

Upload the your Private Key

racadm -r 192.168.rac.addr -u root -p yourPass sslkeyupload -t 1 -f your.key

Upload the Combo Certificate

racadm -r 192.168.rac.addr -u root -p yourPass sslcertupload -t 1 -f combo.crt

this will cause a iDRAC reboot.  it will take about 5 minutes to complete

Once done.. *.example.net certificate will work

Jim

vibbow
Copper

RE: Ignore CSR for installing wildcard certificate in IDRAC6

Jump to solution

This one worked, thanks!!!

0 Kudos
inumio
Copper

RE: Ignore CSR for installing wildcard certificate in IDRAC6

Jump to solution

You're a rockstar, Jim. Thanks for saving my otherwise dreary afternoon of idrac problems.

0 Kudos