64 Configuring the iDRAC6 Using the Web Interface
Securing iDRAC6 Communications Using SSL and Digital CertificatesThis section provides information about the following data security features
that are incorporated in your iDRAC:
• Secure Sockets Layer (SSL)
• Certificate Signing Request (CSR)
• Accessing SSL through the Web-based Interface
• Generating a CSR
• Uploading a server certificate
• Viewing a server certificate
Secure Sockets Layer (SSL)
The iDRAC6 includes a Web server that is configured to use the
industry-standard SSL security protocol to transfer encrypted data over a network.
Builtupon public-key and private-key encryption technology, SSL is a widely
accepted technology for providing authenticated and encrypted communication
between clients and servers to prevent eavesdropping across a network.
An SSL-enabled system can perform the following tasks:
• Authenticate itself to an SSL-enabled client
• Allow the client to authenticate itself to the server
• Allow both systems to establish an encrypted connection
The encryption process provides a high level of data protection. The iDRAC6
employs the 128-bit SSL encryption standard, the most secure form of
encryption generally available for Internet browsers in North America.
The iDRAC6 Web server has a Dell self-signed SSL digital certificate (Server
ID) by default. To ensure high security over the Internet, replace the Web
server SSL certificate with a certificate signed by a well-known certificate
authority. To initiate the process of obtaining a signed certificate, you can use
the iDRAC6 Web interface to generate a Certificate Signing Request (CSR)
with your company’s information. You can then submit the generated CSR to
a Certificate Authority (CA) such as VeriSign or Thawte.