Monday, January 6, 2014

How to install a wildcard certificate on Dell DRAC

This does not seem to be well documented, but I have tested this procedure on RAC/DRAC/iDRAC 6 and 7 with Internet Explorer (versions 6,8,11), Firefox (version 26 Windows and Linux), Chrome (version 32 Windows and Linux).  The process used an Entrust wildcard certificate.

  1. Obtain a wild card certificate, intermediate certificates (if any) and private key from a Certificate Authority (CA).
  2. Change the default key size on the DRAC using racadm -i config -g cfgRacSecurity -o cfgRacSecCsrKeySize 2048
  3. Upload your private key using racadm -i sslkeyupload -t 1 -f private.key
  4. Create a text file (yourfile.crt) that includes, in this order, your wildcard.crt, a Carriage Return Line Feed (CRLF) and your intermediate.crt.  Remove any other Carriage Returns (CR) except for the CRLF between certificates.  If you are performing this on Windows, you will probably need use something other than Notepad to succeed.
  5. Upload the text file you created using racadm -i sslcertupload -t 1 -f yourfile.crt

Firefox generally would not succeed without the intermediate certificate authorities, while Internet Explorer (and Chrome on Windows) would work without issue.