While accessing the iDRAC7 Web interface, a security warning appears stating that the SSL certificate issued by the Certificate Authority (CA) is not trusted.
iDRAC7 includes a default iDRAC7 server certificate to ensure network security while accessing through the Web-based interface and remote RACADM. This certificate is not issued by a trusted CA. To resolve this, upload a iDRAC7 server certificate issued by a trusted CA (for example, Microsoft Certificate Authority, Thawte or Verisign).
The DNS server is not registering iDRAC7.
Some DNS servers register iDRAC7 names that contain only up to 31 characters.
When accessing the iDRAC7 Web-based interface, a security warning is displayed stating that the SSL certificate host name does not match the iDRAC7 host name.
iDRAC7 includes a default iDRAC7 server certificate to ensure network security while accessing through the Web-based interface and remote RACADM. When this certificate is used, the Web browser displays a security warning because the default certificate that is issued to iDRAC7 does not match the iDRAC7 host name (for example, the IP address).
To resolve this, upload an iDRAC7 server certificate issued to the IP address or the iDRAC7 host name. When generating the CSR (used for issuing the certificate), make sure that the common name (CN) of the CSR matches the iDRAC7 IP address (if certificate issued to IP) or the registered DNS iDRAC7 name (if certificate is issued to iDRAC7 registered name).
To make sure that the CSR matches the registered DNS iDRAC7 name:
Active Directory login failed.
- In iDRAC7 Web interface, go to Overview → iDRAC Settings → Network. The Network page is displayed.
- In the Common Settings section, select the Register iDRAC on DNSoption. In the DNS iDRAC Name field, enter the iDRAC7 name.
- Click Apply.
To diagnose the problem, on the Active Directory Configuration and Management page, click Test Settings. Review the test results and fix the problem. Change the configuration and run the test until the test user passes the authorization step.
In general, check the following:
- While logging in, make sure that you use the correct user domain name and not the NetBIOS name. If you have a local iDRAC7 user account, log into iDRAC7 using the local credentials. After logging in, make sure that:
- The Enable Active Directory option is selected on the Active Directory Configuration and Management page.
- The DNS setting is correct on the iDRAC7 Networking configuration page.
- The correct Active Directory root CA certificate is uploaded to iDRAC7 if certificate validation was enabled.
- The iDRAC name and iDRAC Domain name matches the Active Directory environment configuration if you are using extended schema.
- The Group Name and Group Domain Name matches the Active Directory configuration if you are using standard schema.\
- Check the domain controller SSL certificates to make sure that the iDRAC7 time is within the valid period of the certificate.