Certificate signing request (csr) – Dell POWEREDGE M1000E User Manual
Page 90
•
A self-signed certificate is not present
•
The self-signed certificate is corrupt
•
The self-signed certificate is expired (within 30 day window)
The self-signed certificate displays the common name as <cmcname.domain-name> where cmcname is the CMC host
name and domain-name is the domain name. If domain name is not available it displays only the Partially Qualified
Domain Name (PQDN), which is the CMC host name.
Certificate Signing Request (CSR)
A CSR is a digital request to a certificate authority (referred to as a CA in the Web interface) for a secure server
certificate. Secure server certificates ensure the identity of a remote system and ensure that information exchanged
with the remote system cannot be viewed or changed by others. To ensure the security for your CMC, it is strongly
recommended that you generate a CSR, submit the CSR to a certificate authority, and upload the certificate returned
from the certificate authority.
A certificate authority is a business entity that is recognized in the IT industry for meeting high standards of reliable
screening, identification, and other important security criteria. Examples of CAs include Thawte and VeriSign. After the
certificate authority receives your CSR, they review and verify the information the CSR contains. If the applicant meets
the certificate authority’s security standards, the certificate authority issues a certificate to the applicant that uniquely
identifies that applicant for transactions over networks and on the Internet.
After the certificate authority approves the CSR and sends you a certificate, you must upload the certificate to the CMC
firmware. The CSR information stored on the CMC firmware must match the information contained in the certificate.
NOTE: To configure SSL settings for CMC, you must have Chassis Configuration Administrator privilege.
NOTE: Any server certificate you upload must be current (not expired) and signed by a certificate authority.
Related Links
Generating a New Certificate Signing Request
Uploading Server Certificate
Viewing Server Certificate
Generating a New Certificate Signing Request
To ensure security, it is strongly recommended that you obtain and upload a secure server certificate to CMC. Secure
server certificates ensure the identity of a remote system and that information exchanged with the remote system
cannot be viewed or changed by others. Without a secure server certificate, CMC is vulnerable to access from
unauthorized users.
To obtain a secure server certificate for CMC, you must submit a Certificate Signing Request (CSR) to a certificate
authority of your choice. A CSR is a digital request for a signed, secure server certificate containing information about
your organization and a unique, identifying key.
After generating the CSR, you are prompted to save a copy to your management station or shared network, and the
unique information used to generate the CSR is stored on CMC. This information is used later to authenticate the server
certificate you receive from the certificate authority. After you receive the server certificate from the certificate
authority, you must then upload it to CMC.
NOTE: For CMC to accept the server certificate returned by the certificate authority, authentication information
contained in the new certificate must match the information that was stored on CMC when the CSR was
generated.
90