When iDRAC authenticates users with an Active Directory domain
controller, it starts an SSL session with the domain controller.
At this time, the domain controller must publish a certificate signed
by the Certificate Authority (CA)—the root certificate of which
is also uploaded into iDRAC. For iDRAC to authenticate to
controller—whether it is the root or the child domain controller—that
domain controller must have an SSL-enabled certificate signed by
the domain’s CA.
If you are using Microsoft Enterprise Root CA to
all your domain controllers to an SSL certificate, you must:
Install the SSL certificate on each domain controller.
Export the Domain Controller Root CA Certificate to iDRAC.