NOTE: If the system from where you are accessing the remote system does not have an iDRAC6 certificate in its default certificate store, a message is displayed when you type a RACADM command. For more information about iDRAC6 certificates, see "Securing iDRAC6 Communications Using SSL and Digital Certificates" on page 64.

Security Alert: Certificate is invalid - Name on Certificate is invalid or does not match site name

Continuing execution. Use -S option for racadm to stop the execution on certificate-related errors.

RACADM continues to execute the command. However, if you use the –Soption, RACADM stops executing the command and displays the following message:

Security Alert: Certificate is invalid - Name on Certificate is invalid or does not match site name

Racadm not continuing execution of the command.

ERROR: Unable to connect to iDRAC6 at specified IP address

On Linux systems, ensure that you perform the following intermediate steps for certificate validation to be successful using remote RACADM:

1Convert CA in DER format to PEM format (using openssl cmdline tool):

openssl x509 -inform pem -in <yourdownloadedderformatcert.crt> –outform pem - out <outcertfileinpemformat.pem> –text

2Find the location of the default CA certificate bundle on the management station. For example, for RHEL5 64-bit , it is /etc/pki/tls/cert.pem.

3Append the PEM formatted CA certificate to the management station CA certificate.

For example, use the cat command:

- cat testcacert.pem >> cert.pem

112

Advanced iDRAC6 Configuration

Page 112
Image 112
Dell IDRAC6 manual 112