Files you create for ssl and ssh security, User’s guide – Dell Managed PDU LED User Manual
Page 214
USER’S GUIDE
Ma
na
ge
d R
a
ck
PD
U
209
Files you create for SSL and SSH security
Use the Rack PDU Security Wizard to create these components of an SSL and SSH
security system:
• The server certificate for the Rack PDU, if you want the benefits of authentication that
such a certificate provides. You can create either of the following types of server
certificate:
– A server certificate signed by a custom CA root certificate also created with the
Rack PDU Security Wizard. Use this method if your company or agency does not
have its own Certificate Authority and you do not want to use an external
Certificate Authority to sign the server certificate.
– A server certificate signed by an external Certificate Authority. This Certificate
Authority can be one that is managed by your own company or agency or can be
one of the commercial Certificate Authorities whose CA root certificates are
distributed as part of a browser’s software.
• A certificate signing request containing all the information required for a server
certificate except the digital signature. You need this request if you are using an
external Certificate Authority.
• A CA root certificate.
• An SSH host key that your SSH client program uses to authenticate the Rack PDU
when you log on to the command line interface.
Only Dell Rack PDU products
can use server certificates, host keys, and CA root
certificates created by the Rack PDU Security Wizard. These files will not work with
products such as OpenSSL
®
and Microsoft
®
Internet Information Services (IIS).
You define whether the public keys for SSL certificates and the host keys for
SSH that are created with the Rack PDU Security Wizard are 1024-bit RSA
keys (the default setting), or 2048-bit RSA keys, which provide complex
encryption and a higher level of security.
If you do not create and use SSL server certificates and SSH host keys with
the Rack PDU Security Wizard, the Rack PDU generates 2048-bit RSA keys.