Securing iDRAC6 Communications Using SSL and Digital Certificates

This section provides information about the following data security features that are incorporated in your iDRAC:

Secure Sockets Layer (SSL)

Certificate Signing Request (CSR)

Accessing SSL through the Web-based Interface

Generating a CSR

Uploading a server certificate

Viewing a server certificate

Secure Sockets Layer (SSL)

The iDRAC6 includes a Web server that is configured to use the industry-standard SSL security protocol to transfer encrypted data over a network. Built upon public-key and private-key encryption technology, SSL is a widely accepted technology for providing authenticated and encrypted communication between clients and servers to prevent eavesdropping across a network.

An SSL-enabled system can perform the following tasks:

Authenticate itself to an SSL-enabled client

Allow the client to authenticate itself to the server

Allow both systems to establish an encrypted connection

The encryption process provides a high level of data protection. The iDRAC6 employs the 128-bit SSL encryption standard, the most secure form of encryption generally available for Internet browsers in North America.

The iDRAC6 Web server has a Dell self-signed SSL digital certificate (Server ID) by default. To ensure high security over the Internet, replace the Web server SSL certificate with a certificate signed by a well-known certificate authority. To initiate the process of obtaining a signed certificate, you can use the iDRAC6 Web interface to generate a Certificate Signing Request (CSR) with your company’s information. You can then submit the generated CSR to a Certificate Authority (CA) such as VeriSign or Thawte.

64

Configuring the iDRAC6 Using the Web Interface

Page 64
Image 64
Dell IDRAC6 manual Secure Sockets Layer SSL