Dell 8.1 manual SSL Server Certificates

Page 39

You generate a new X.509 certificate, reuse an existing X.509 certificate or import a certificate chain from a Certification Authority (CA).

All systems that have Server Administrator installed have unique host names.

To manage X.509 certificates through the Preferences home page, click General Settings, click the Web

Server tab, and click X.509 Certificate.

The following are the available options:

Generate a new certificate — Generates a new self-signed certificate used for SSL communication between the server running Server Administrator and the browser.

NOTE: When using a self-signed certificate, most web browsers display an untrusted warning as the self-signed certificate is not signed by a Certificate Authority (CA) trusted by the operating system. Some secure browser settings can also block the self-signed SSL certificates. The Server Administrator web GUI requires a CA-signed certificate for such secure browsers.

Certificate Maintenance — Allows you to generate a Certificate Signing Request (CSR) containing all the certificate information about the host required by the CA to automate the creation of a trusted SSL web certificate. You can retrieve the necessary CSR file either from the instructions on the Certificate Signing Request (CSR) page or by copying the entire text in the text box on the CSR page and pasting it in the CA submit form. The text must be in the Base64–encoded format.

NOTE: You also have an option to view the certificate information and export the certificate that is being used in the Base64–encoded format, which can be imported by other web services.

Import certificate chain — Allows you to import the certificate chain (in PKCS#7 format) signed by a trusted CA. The certificate can be in DER or Base64-encoded format.

Import a PKCS12 Keystore — Allows you to import a PKCS#12 keystore that replaces the private key and certificate used in Server Administrator web server. PKCS#12 is public keystore that contains a private key and the certificate for a web server. Server Administrator uses the Java KeyStore (JKS) format to store the SSL certificates and its private key. Importing a PKCS#12 keystore to Server Administrator deletes the keystore entries, and imports a private key and certificate entries to the Server Administrator JKS.

NOTE: An error message is displayed if you either select an invalid PKCS file or when you type an incorrect password.

SSL Server Certificates

Server Administrator Web server is configured to use the industry-standard SSL security protocol to transfer encrypted data over a network. Built on an asymmetric encryption technology, SSL is widely accepted for providing authenticated and encrypted communication between clients and servers to prevent eavesdropping across a network.

An SSL-enabled system can perform the following tasks:

Authenticate itself to an SSL-enabled client

Allow the two systems to establish an encrypted connection

The encryption process provides a high level of data protection. Server Administrator uses the most secure form of encryption generally available for Internet browsers in North America.

Server Administrator Web server has a Dell self-signed unique SSL digital certificate by default. You can replace the default SSL certificate with a certificate signed by a well-known Certificate Authority (CA). A Certificate Authority is a business entity that is recognized in the Information Technology industry for meeting high standards of reliable screening, identification, and other important security criteria. Examples of CAs include Thawte and VeriSign. To initiate the process of obtaining a CA-signed certificate, use the Server Administrator Web interface to generate a Certificate Signing Request (CSR) with your

39

Page 38 Page 40
Image 39
Page 38 Page 40
Contents Dell OpenManage Server Administrator Version Users Guide Page Contents Working With Remote Access Controller Server Administrator ServicesFrequently Asked Questions Server Administrator LogsSetting Alert Actions TroubleshootingIntroduction Installation Updating Individual System ComponentsWhat Is New In This Release Storage Management ServiceInstrumentation Service Remote Access ControllerPage Availability On Supported Operating Systems Systems Management Standards AvailabilityOther Documents You May Need Server Administrator HomeAccessing documents from Dell Support Site Contacting Dell Obtaining Technical AssistanceSetup And Administration Role-Based Access ControlUser Privileges Authentication Microsoft Windows AuthenticationVMware ESXi Server 5.X Authentication Encryption Assigning User PrivilegesAdding Users To a Domain On Windows Operating Systems Creating Users With User Privileges Creating Users With Power User PrivilegesTab = \t tab character Best Practices While Using The Omarolemap FileConfiguring The Snmp Agent Changing the Snmp community name Page Server Administrator Snmp Agent Install Actions Snmp Agent Access Control ConfigurationEnabling Snmp Access From Remote Hosts Sever Administrator Snmp Install ActionsFind the line that reads rocommunity public Page Firewall Configuration Using Server Administrator Server Administrator Local System LoginLogging In And Out Central Web Server Login Single Sign-On Using The Active Directory LoginEnabling The Use Of Client-Side Scripts On Internet Explorer Enabling The Use Of Client-Side Scripts On Mozilla Firefox Sample Server Administrator Home Page Non-Modular System Page Data Area Global Navigation BarSystem Tree Action WindowTask Buttons System/Server Module Component Status IndicatorsUnderlined Items Using The Online HelpUsing The Preferences Home Gauge IndicatorsServer Administrator Web Server Preferences Setting User And System PreferencesManaged System Preferences Secure Port System Certificate Management SSL Server Certificates Upgrading web server Server Administrator Web Server Action TabsUsing The Server Administrator Command Line Interface Managing Your System Server Administrator ServicesManaging System/Server Module Tree Objects Server Administrator Home Page System Tree ObjectsAccessing And Using Chassis Management Controller Modular EnclosureSystem/Server Module Properties Logs ShutdownSession Management Alert ManagementMain System Chassis/Main System Properties Main System Chassis/Main SystemBatteries Bios Fans Firmware Hardware PerformanceIntrusion Memory Ports NetworkPower Management Processors Power SuppliesRemote Access Temperatures Removable Flash MediaSlots Voltages Software Operating SystemStorage Managing Preferences Home Page Configuration Options General SettingsServer Administrator Working With Remote Access Controller Viewing Basic Information Configuring The Remote Access Device To Use a LAN Connection Vlan ID Page Configuring Remote Access Device Users Additional Configuration For iDRACSetting Platform Event Filter Alerts Setting Platform Event Alert Destinations Page Server Administrator Logs Integrated FeaturesLog Window Task Buttons Server Administrator Logs Hardware LogMaintaining The Hardware Log Alert Log Command LogExample 1 ps -ef /tmp/psout.txt 2&1 Setting Alert ActionsSetting Alert Action Execute Application In Windows Server Setting Alert Actions In Microsoft Windows Server ServerBMC/iDRAC Platform Events Filter Alert Messages Page Troubleshooting Connection Service FailureLogin Failure Scenarios REINSTALLMODE=vamus Server Administrator ServicesDsmsadatamgr Page ITA communicating with Linux systems Frequently Asked QuestionsITA communicating with Windows systems
Top Page Image Contents