Certificate Signing Request CSR | Dell IDRAC6 manual

Certificate Signing Request (CSR)

A CSR is a digital request to a CA for a secure server certificate. Secure server certificates allow clients of the server to trust the identity of the server they have connected to and to negotiate an encrypted session with the server.

A Certificate Authority is a business entity that is recognized in the

IT industry for meeting high standards of reliable screening, identification, and other important security criteria. Examples of CAs include Thawte and VeriSign. After the CA receives a CSR, they review and verify the information the CSR contains. If the applicant meets the CA’s security standards,

the CA issues a digitally-signed certificate that uniquely identifies that applicant for transactions over networks and on the Internet.

After the CA approves the CSR and sends the certificate, upload the certificate to the iDRAC6 firmware. The CSR information stored on the iDRAC6 firmware must match the information contained in the certificate.

Accessing SSL Through the Web-Based Interface

1Click Remote Access→ Network/Security.

2Click SSL to open the SSL page.

Use the SSL page to perform one of the following options:

•Generate a Certificate Signing Request (CSR) to send to a CA. The CSR information is stored on the iDRAC6 firmware.

•Upload a server certificate.

•View a server certificate.

Table 4-12 describes the above SSL page options.

Table 4-12. SSL Page Options

Field	Description

Generate Certificate Signing	This option enables you to generate a CSR to
Request (CSR)	send to a CA to request a secure Web certificate.
	NOTE: Each new CSR overwrites any previous CSR
	on the firmware. For a CA to accept your CSR, the
	CSR in the firmware must match the certificate
	returned from the CA.

Configuring the iDRAC6 Using the Web Interface

65

Image 65

Dell IDRAC6 manual Certificate Signing Request CSR, Accessing SSL Through the Web-Based Interface

Contents

User Guide July Contents Updating the iDRAC6 Firmware Installing the Software onAccessing the Web Interface Using Multiple Browser Tabs and Windows Configuring the Management Station Connecting the DB-9 or Null ModemViewing Internal Dual SD Module Cable for the Serial Console Using the Web Interface to Configure Frequently Asked Questions about 125106 109 Supported Active Directory Authentication 148 Using the Racadm Utility to Configure 139143 Prerequisites for Enabling Microsoft Frequently Asked Questions about Generic Ldap Directory Service 178168 177 191 Troubleshooting the Smart Card193 198 Launching Virtual Console and Virtual 219 213221 231 Using the Ipmi Remote Access 254 Creating a Bootable Image File 240Configuring Serial Over LAN Using 254 239 257 255259 264 Power Inventory, Power Budgeting Frequently Asked Questions 288274 284 294 293295 298 Frequently Asked Question about 322 Configuring Platform Events 316325 326 Using the Diagnostics Console 337 Using the System Event Log SEL 330332 333 341 Using the Secure Shell SSH 353342 Removable Flash Media Probes 342 IDRAC6 Overview IDRAC6 Express Management Features IDRAC6 Overview IDRAC6 Enterprise and vFlash Media IDRAC6 Feature ListIDRAC6 Express Enterprise With vFlash Interface and Standards Support Remote Management and Remediation Security and AuthenticationConnectivity Logging Monitoring SM-CLP RAC Log Lifecycle Controller Unified Server Configurator IDRAC6 Overview Supported Remote Access Connections Features Supported Remote Access ConnectionsIDRAC6 Ports IDRAC6 Server Listening Ports Port Number Function IDRAC6 Client Ports Port Number Function Other Documents You May Need IDRAC6 Overview IDRAC6 Overview IDRAC6 Overview Getting Started With the iDRAC6 Getting Started With the iDRAC6 Before You Begin Basic Installation of the iDRAC6Installing the iDRAC6 Express/Enterprise Hardware Configuring Your System to Use an iDRAC6 Select Save Changes and Exit Configuring iDRAC6 Software Installation and Configuration OverviewInstalling iDRAC6 Software Installing the Software on the Management Station Installing the Software on the Managed System Uninstalling Racadm Installing Racadm Downloading the iDRAC6 Firmware Updating the iDRAC6 FirmwareBefore You Begin Updating the iDRAC6 Firmware Using Racadm Updating the iDRAC6 Firmware Using the Web-Based Interface Click Tools, and click Internet Options Configuring a Supported Web BrowserList of Trusted Domains Linux Viewing Localized Versions of the Web-Based InterfaceWindows Updated entry Basic Installation of the iDRAC6 Configuring the iDRAC6 Using the Web Interface Accessing the Web Interface Logging Logging Out Using Multiple Browser Tabs and Windows Click Remote Access→ Network/Security→ Network Configuring the iDRAC6 NICConfiguring the Network and Ipmi LAN Settings Click the appropriate button to continue. See Table Network Settings Setting Description Common Settings Description Network Settings Description Preferred DNS Server and Alternate DNS Server fields Common Settings SettingDescriptionIPv4 Settings Description IPv6 Settings Description Vlan Settings SettingDescription IPv6 Settings SettingDescriptionIpmi Settings Description Apply Configuring IP Filtering and IP BlockingNetwork Configuration Page Buttons Description Network Security Page Settings Description 11. Platform Event Filters Index Configuring Platform Events10. Network Security Page Buttons Description Processor AbsentCritical Assert Click System→ Alerts→ Traps Settings Configuring Platform Event Filters PEFConfiguring Platform Event Traps PET Configuring E-Mail Alerts Click System→ Alerts→ Email Alert Settings Configuring Ipmi Using Web Interface Set the Channel Privilege Level Limit and Flow Control Network/Security tab, click Serial Configuring iDRAC6 Users Secure Sockets Layer SSL Click Remote Access→ Network/Security Accessing SSL Through the Web-Based InterfaceCertificate Signing Request CSR 12. SSL Page Options Field Description View Server Certificate Generating a Certificate Signing RequestUpload Server Certificate Organization Name Common NameOrganization Unit Locality Refresh Reloads the Generate Certificate Signing Request Uploading a Server CertificateMenu 15. Certificate Upload Page Buttons Description 16. Certificate Information Field Description Viewing a Server Certificate17. View Server Certificate Page Buttons Button Description Enabled Single Sign-On Configuring and Managing Active DirectorySchema Selection Active Directory User Domain Name Timeout Certificate Extended SchemaSettings Print Configuring and Managing Generic LdapConfiguring iDRAC6 Services 21. Web Server Settings 20. Local Configuration Setting Description 22. SSH Settings Description 21. Web Server Settings SettingDescription23. Telnet Settings Port Number 24. Remote Racadm Settings 23. Telnet Settings Description25. Snmp Settings 26. Automated System Recovery Agent Setting 27. Services Page Buttons Description Updating the iDRAC6 Firmware/System Services Recovery Image File upload in progress IDRAC6 Firmware Rollback Remote Syslog 28. Remote Syslog Settings AttributeDescription 29. First Boot Device Attribute Description First Boot DeviceFirst Boot Device Boot Once Remote File Share 30. Remote File Server Settings Attribute Description 30 lists the remote file share settings Internal Dual SD Module Viewing Internal Dual SD Module Status Using GUI 32. SD Card States Description Advanced iDRAC6 Configuration Click Apply Changes Configuring the iDRAC6 Settings to Enable SSH/TelnetStarting a Text Console Through Telnet or SSH Running Telnet Using Microsoft Windows XP or Windows Using a Telnet Console Enable Telnet in Windows Component Services Using the Secure Shell SSH Cryptography Schemes Scheme Type Configuring Linux for Serial Console During Boot Sample File /etc/grub.conf Enabling Login to the Virtual Console After Boot Serial --unit=1 --speed=57600 terminal --timeout=10 serial Sample File /etc/innitab Shows a sample file with the new line Sample File /etc/innitab Sample File /etc/securetty Configuring iDRAC6 for Serial Connection Racadm config -g cfgSerial -o cfgSerialConsoleEnable For Direct Connect Terminal mode 100 101 102 Signal Name 103 Configuring Linux Minicom for Serial Console Emulation 104 Select Save setup as configname and press EnterRequired Minicom Settings for Serial Console Emulation 105 Configuring HyperTerminal for Serial Console Configuring Ipmi and iDRAC6 Serial Configuring Serial and Terminal ModesManagement Station COM Port Settings Setting Description Ipmi Serial Settings Description 107 IDRAC6 Serial Settings10. Serial Page Settings Serial page, click Terminal Mode Settings Configuring Terminal Mode11. Terminal Mode Settings Description 12. Terminal Mode Settings Page Buttons Description Accessing the iDRAC6 Through a Network Configuring the iDRAC6 Network Settings12. Terminal Mode Settings Page Buttons ButtonDescription 109 13. iDRAC6 Interfaces InterfaceDescription Powercycle, and hardreset commands110 13. iDRAC6 Interfaces Description Using Racadm Remotely111 112 Racadm Synopsis 14. racadm Command Options DescriptionRacadm Options 113 114 Racadm SubcommandsEnabling and Disabling the Racadm Remote Capability 115 15. Racadm Subcommands Command Description 116 117 Frequently Asked Questions About Racadm Error MessagesWhat does this message mean? 118 Configuring Multiple iDRAC6 Controllers 119 Creating an iDRAC6 Configuration File 120 121 Parsing RulesExample 122 Modifying the iDRAC6 IP Address 123 Configuring iDRAC6 Network Properties 124 16. iDRAC6 NIC Configurations Mode Description Frequently Asked Questions about Network SecurityIDRAC6 Modes 125 126 Why doesn’t my DNS server register my iDRAC6? 127 128 Adding and Configuring iDRAC6 Users Adding and Configuring IDRAC6 UsersClick Remote Access→ Network/Security→ Users 129 130 User States and Permissions Setting Description Enable User Smart Card Configuration Options OptionDescription131 Upload Trusted CA 132 General User SettingsIpmi User Privileges PropertyDescription IDRAC User Privileges Property Description IDRAC Group Permissions User Group Permissions Granted 133Reasons, assign this privilege carefully User Configuration Page Buttons Action Public Key Authentication over SSHBefore You Begin 134 135 Generating Public Keys for WindowsGenerating Public Keys for Linux Sending racadm commands Logging in Using Public Key AuthenticationLogging 136 137 SSH Key Configurations Option DescriptionUpload SSH Keys Option Description 10. View/Remove SSH Keys Option Description Upload Uploading, Viewing, and Deleting SSH Keys Using RacadmView Delete 139 Using the Racadm Utility to Configure iDRAC6 Users 140 Adding an iDRAC6 UserExample 141 Removing an iDRAC6 UserEnabling an iDRAC6 User With Permissions 142 IDRAC6 User Privileges Description Using iDRAC6 With Microsoft Active Directory143 Privilege Description 144 145 Click Start→ Administrative Tools→ Domain Security PolicyEnabling SSL on a Domain Controller 146 147 Importing the iDRAC6 Firmware SSL Certificate Extended Schema Active Directory Overview Supported Active Directory Authentication MechanismsActive Directory Schema Extensions 148 149 Overview of the iDRAC Schema ExtensionsActive Directory Object Overview 150 Typical Setup for Active Directory Objects 151 Accumulating Privileges Using Extended Schema 152 153 Extending the Active Directory Schema 154 Using the Dell Schema Extender 155 DellPrivileges Class 156DellProduct Class 840.113556.1.8000.1280.1.1.1.5 Valued 157Single 158 159 Installing the Administrator Pack Select iDRAC Device Object Creating an iDRAC Device ObjectCreating a Privilege Object Select Privilege Object Creating an Association Object Configuring an Association ObjectAdding Users or User Groups Adding Privileges 162 Adding iDRAC Devices 163 164 Racadm 165 166 167 168 Standard Schema Active Directory Overview Single Domain Versus Multiple Domain Scenarios Default Role Group Privileges169 Permissions Granted Bit Mask Groups Level 170 Directory Users and Computers Snap-in 171 172 173 174 175 176 177 Testing Your Configurations 178 Generic Ldap Directory ServiceLogin Syntax Directory User versus Local User 179 180 181 View the settings using the below commands Configuring Generic Ldap Directory Service Using RacadmUse Racadm to confirm whether login is possible Additional settings to test BindDN option 183 Frequently Asked Questions about Active Directory 184 When do I need to configure Global Catalog Addresses?How does standard schema query work? Does iDRAC6 support the NetBIOS name? Why does iDRAC6 enable certificate validation by default?Does iDRAC6 always use Ldap over SSL? 185 186 About Kerberos Authentication Configuring iDRAC6 for Single Sign- On or Smart Card Login 188 Click Remote Access→ Network/Security tab→ Network subtab 189 Select Tools→ Internet Options→ Security→ Local Intranet Browser Settings to Enable Active Directory SSOClick Advanced 190 191 Using Microsoft Active Directory SSOConfiguring iDRAC6 to Use SSO 192 Logging Into iDRAC6 Using SSOUsing Racadm Configuring Local iDRAC6 Users for Smart Card Logon Configuring Smart Card AuthenticationExporting the Smart Card Certificate 193 Configuring Smart Card Using iDRAC6 Configuring Active Directory Users for Smart Card LogonNetwork/Security→ tab Smart Card 194 Enabled with Remote Racadm Enables Smart Card Smart Card Settings DescriptionIf you select Enabled or Enabled with Remote Racadm, you Enable with Remote Racadm setting only to access IDRAC6 under Remote Access→ Network/Security→ Logging Into the iDRAC6 Using the Smart Card196 Network 197 ActiveX plug-in unable to detect the Smart Card reader Troubleshooting the Smart Card Logon in iDRAC6Incorrect Smart Card PIN Unable to Log into Local iDRAC6 199 Unable to Log into iDRAC6 as an Active Directory User 200 Frequently Asked Questions About SSO 201 202 Using Virtual Console Using GUI Virtual ConsoleOverview 203 204 Configuring Your Management Station 205 206 Clear Your Browser’s CacheJava Cache viewer is displayed 207 Common Settings for Microsoft Windows Operating Systems 208 Supported Screen Resolutions and Refresh RatesConfiguring Virtual Console in the iDRAC6 Web Interface Local Server Video 209Remote Presence Port Opening a Virtual Console Session Configuration Page Buttons Definition210 Plug-in Type Video Encryption Enabled Virtual Console EnabledEnabled Remote Presence Port 211 212 Virtual Console PreviewVirtual Console and Virtual Media Page Buttons Definition Refresh Reloads the Virtual Console and Virtual Media Settings on the Console/Media Configuration Using iDRAC6 Virtual Console Video Viewer213 Virtual Console Preview Options Descritpion Viewer Menu Bar Selections Menu Item Description 214Pin icon Virtual Launch Virtual 215 Viewer Menu Bar Selections Menu Item Item Description 216 217 218 Click System→ Console/Media→ ConfigurationDisabling or Enabling Local Server Video 219 Launching Virtual Console and Virtual Media RemotelyURL Format 220 General Error ScenariosError Scenarios Reason Behavior 221 Frequently Asked Questions on Virtual Console CfgRacTuneLocalServerVideo Using Virtual Console Frequently Asked Questions Answer222 223 Bios 224 Supported CIM Profiles Using the WS-MAN Interface225 Standard Dmtf Standard Dmtf 227 Standard Dmtf Dell Extensions 229 WS-MAN release notes or readme file IDRAC6 SM-CLP Support Using the iDRAC6 SM-CLP Command Line Interface Using SM-CLP SM-CLP FeaturesSM-CLP Targets 232 SM-CLP Targets Definitions 233 Capabilities on the system 234 Dhcp 235 236 237 238 Remote System Requirements Deploying Your Operating System Using VmcliNetwork Requirements 239 Configuring the Remote Systems Creating a Bootable Image FilePreparing for Deployment Creating an Image File for Linux Systems 241 Deploying the Operating System 242 Using the Vmcli Utility 243 Installing the Vmcli UtilityCommand Line Options IDRAC6 IP Address Vmcli ParametersIDRAC6 User Name 244 245 IDRAC6 User PasswordFloppy/Disk Device or Image File 246 CD/DVD Device or Image File Version Display Vmcli Operating System Shell OptionsHelp Display Encrypted Data 248 Vmcli Return Codes Configuring Ipmi Using the Racadm CLI Configuring Ipmi Using Web-Based InterfaceSupport.dell.com\manuals 249 250 251 252 253 254 Using the Ipmi Remote Access Serial InterfaceConfiguring Serial Over LAN Using the Web-Based Interface 255 Configuring and Using Virtual Media 256 Windows-Based Management Station Virtual Media Configuration Properties Attribute Value Configuring Virtual MediaLinux-Based Management Station 257 258 Virtual Media Configuration Properties AttributeValueConfiguration Page Buttons Description Connecting Virtual Media Supported Virtual Media ConfigurationsRunning Virtual Media 259 260 Click Launch Virtual Console Disconnecting Virtual Media Booting From Virtual MediaClick Tools→ Launch Virtual Media 261 262 Installing Operating Systems Using Virtual MediaBoot Once Feature Windows-Based Systems Select the Enable Boot Once option under Virtual MediaLinux-Based Systems 263 264 Frequently Asked Questions about Virtual MediaUsing Virtual Media Frequently Asked Questions Answer 265 Using the Dell Systems Management Tools 266 Answer 267 On Windows Event Collector and click Stop Administrative Tools Services. Right-click268 269 Configuring vFlash SD Card and Managing vFlash Partitions Size 270SD Card Properties Attribute Description 271 VFlash EnabledAvailable Space Write-protected 272 Configuring vFlash or Standard SD Card UsingDisplaying the vFlash or Standard SD Card Properties Enabling or Disabling the vFlash or Standard SD Card Resetting the vFlash or Standard SD CardInitializing the vFlash or Standard SD Card Getting the Last Status on the vFlash or Standard SD Card 274 Managing vFlash Partitions Using iDRAC6 Web InterfaceCreating an Empty Partition Create Empty Partition Page Options Field Description 275Index Label Emulation Type Creating a Partition Using an Image File276 277 Img nor .iso Image Location Formatting a Partition278 279 Viewing Available PartitionsFormat Partition Page Options Field Description Format Type Viewing Available Partitions Field Description 280Read-Only Attached 281 Modifying a PartitionAttaching and Detaching Partition 282 Deleting Existing PartitionsOperating System Behavior for Attached Partitions Downloading Partition Contents Booting to a Partition Managing vFlash Partitions Using RacadmValid Options 284 285 Options only valid with the create actionOptions only valid with the status action Deleting a Partition Creating a PartitionGetting the Status of a Partition Viewing Partition Information 287 Attaching or Detaching a Partition 288 Frequently Asked QuestionsWhen is the vFlash or standard SD card locked? 289 Power Monitoring Management Power Monitoring Power Inventory, Power Budgeting, and CappingConfiguring and Managing Power 290 Using the Web-Based Interface Viewing the Health Status of the Power Supply UnitsPower Supplies Redundancy Status The possible values are Individual Power Supply Elements The possible values are 292 Using Racadm Using the Web Interface Viewing Power BudgetPower Budget Information page displays 293 294 Power Budget Threshold 295 Viewing Power MonitoringPower Monitoring 296 Power Tracking StatisticsAmperage Headroom Power ConsumptionShow Graph 297 298 Executing Power Control Operations on the Server 299 300 301 Using the iDRAC6 Configuration Utility 302 Starting the iDRAC6 Configuration UtilityUsing the iDRAC6 Configuration Utility 303 IDRAC6 LANIpmi Over LAN LAN Parameters Description LAN Parameters304 Ethernet IP Address, Subnet Mask, and Default Gateway IPv4 SettingsWhen Static is selected, the Ethernet IP Address, Subnet 305 Selected, the IPv6 Address 1, Prefix Length, and Default IPv6 SettingsWhen Static is selected, the IPv6 Address 1, Prefix Length 306 307 Virtual Media ConfigurationVirtual Media Initialize vFlash VFlashVFlash Properties 308 System Services Cancel System Services System Services ConfigurationSmart Card Logon 309 LCD User Configuration LCD ConfigurationCollect System Inventory on Restart 310 Reset to Default LAN User ConfigurationBetween the options Disabled, View And Modify, and View 311 312 LAN User Configuration Description 313 314 Exiting the iDRAC6 Configuration UtilitySystem Event Log Menu 315 Monitoring and Alert Management Disabling the Automatic Reboot Option in Windows Server Disabling the Windows Automatic Reboot OptionClick Advanced System Settings under Tasks on the left Under Startup and Recovery, click Settings 317 318 Configuring PEF Using the Web-Based InterfaceConfiguring PEF Using the Racadm CLI Configuring PET Using the Web User Interface Configuring PETConfiguring PET Using the Racadm CLI 319 320 Configuring E-mail Alerts Using the Web User InterfaceConfiguring E-Mail Alerts Using the Racadm CLI 321 Testing E-mail Alerting Testing the RAC Snmp Trap Alert Feature Frequently Asked Question about Snmp AuthenticationWhy is the following message displayed 322 323 324 325 First Steps to Troubleshoot a Remote System Selecting Power Control Actions from the iDRAC6 CLI Managing Power on a Remote SystemViewing System Information 326 Main System Chassis Auto Recovery FieldDescription327 System Information Field Description 328 Remote Access ControllerEmbedded NIC MAC Addresses Field Description RAC Information Field Description IPv6 Information Fields Description 329IPv4 Information Field Description 330 Using the System Event Log SELStatus Indicator Icons Icon/Category Description 331 Using the Command Line to View System LogSEL Page Buttons Button Action 332 Using the Post Boot Logs To view the Last Crash Screen Viewing the Last System Crash Screen333 Last Crash Screen Page Buttons Action 334 335 Using the RAC Log 336 Using the iDRAC Log Page ButtonsIDRAC Log Page Information Field Description IDRAC Log Buttons Action 337 Using the Command LineUsing the Diagnostics Console Click System→ Remote Access→ Troubleshooting→ Identify Using Identify ServerDiagnostic Commands Description 338 339 Using the Trace LogUsing the racdump 340 Using the coredump Sensors Battery ProbesFan Probes Chassis Intrusion Probes Power Monitoring Probes Power Supplies ProbesTemperature Probe Removable Flash Media Probes 343 Voltage Probes 344 345 Configuring Security Features Disabling the iDRAC6 Local Configuration Security Options for the iDRAC6 AdministratorDisabling Local Configuration During System Reboot Disabling Local Configuration From Local Racadm 347 348 Disabling iDRAC6 Virtual Console 349 SSL Main Menu Field Description Accessing the SSL Main Menu350 SSL Main Menu Buttons Description 351 Certificate Information Field Description 352Generate Certificate Signing Request CSR Page Buttons 353 Using the Secure Shell SSHConfiguring Services Web Server Settings Local Configuration Settings Description354 Http Port Number Telnet Settings SSH Settings Description10. Remote Racadm Settings 355 12. Automated System Recovery Agent Setting Description 11. Snmp Agent Settings Description13. Services Page Buttons 356 357 Enabling Additional iDRAC6 Security OptionsIP Filtering IpRange 358 Enabling IP Filtering 359 IP Filtering GuidelinesIP Blocking 360 15. Login Retry Restriction Properties Property Definition 361 Network Configuration page, click Advanced SettingsEnabling IP Blocking Go Back to Network Returns to the Network Configuration 16. Network Security Page Settings Description362 Penalty Time ASR Index Index Index Ipmi Racadm SEL Index Index