Scribd
Upload
36 views

Internal Certificate Generation

The document provides instructions for generating an internal certificate using OpenSSL. It describes downloading OpenSSL for Windows or Linux, running OpenSSL commands to generate a certificate signing request (CSR) and private key, submitting the CSR online to request a signed certificate, combining the key and certificate into a PKCS#12 file, and uploading the resulting files to an IDRAC server.

Uploaded by

Caprica1011 Group
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as PDF, TXT or read online on Scribd
36 views

Internal Certificate Generation

The document provides instructions for generating an internal certificate using OpenSSL. It describes downloading OpenSSL for Windows or Linux, running OpenSSL commands to generate a certificate signing request (CSR) and private key, submitting the CSR online to request a signed certificate, combining the key and certificate into a PKCS#12 file, and uploading the resulting files to an IDRAC server.

Uploaded by

Caprica1011 Group
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as PDF, TXT or read online on Scribd
You are on page 1/ 4

Internal Certificate Generation

Install the light version of the latest OpenSSL release

this can be on the server or your machine depending on the type of certificate that you will be
generating

Windows

https://slproweb.com/products/Win32OpenSSL.html

Linux

https://www.openssl.org/source/

Open SSL as Administrator


Run the following command:

openssl req -out <host-FQDN>.csr -newkey rsa:4096 -nodes -keyout


<host-FQDN>.key

fill the parameters with the following information:

Country Name (2 letter code) [AU]:BS


State or Province Name (full name) [Some-State]:New Providence
Locality Name (eg, city) []:Nassau
Organization Name (eg, company) [Internet Widgits Pty Ltd]:Unique
Vacations, LTD
Organizational Unit Name (eg, section) []:IT
Common Name (e.g. server FQDN or YOUR name)
[]:dalpcalbase2.sandals.com
Email Address []:[email protected]

change to the default path or the path define for the OpenSSL console

C:\Program Files\OpenSSL-Win64\bin

Go to the following website for the certificate generation:

http://torpadsubca01.sandals.com/certsrv/

Request a certificate
Select the advanced certificate request option

Copy the CSR into the box and select Sandals Web Server and click submit.
Download the certificate move to the \bin folder and rename to match your key and csr name.

Run the following command:

openssl pkcs12 -export -out <hostname>.pfx -inkey <hostname>.key -in


<hostname>.cer

change the bold words to reflect your hostname, use a secure password, and then you have a
usable pfx certificate that can be deployed.

To upload certificates to the IDRAC server use the following commands:

Clear SSL certificate

racadm -r <IP od Idrac> -u <user> -p <password> sslresetcfg

upload the key

racadm -r <ip of idrac> -u <username> -p <password> sslkeyupload -


t 1 -f filename.key

intercative

racadm -r <ip of idrac> -i sslkeyupload -t 1 -f <filename>.key


upload the cert

racadm -r <ip of idrac> -u <username> -p <password> sslcertupload


-t 1 -f filename.cer

interactive

racadm -r <ip of idrac> -i sslcertupload -t 1 -f <filename>.cer

Reset the Idrac

racadm -r <ip of idrac> -u <username> -p <password> racreset

You might also like