Securing iDRAC6 Communications Using SSL and
Digital Certificates
This section provides information about the following data security features
that are incorporated in your iDRAC:
•
Secure Sockets Layer (SSL)
•
Certificate Signing Request (CSR)
•
Accessing SSL through the Web-based Interface
•
Generating a CSR
•
Uploading a server certificate
•
Viewing a server certificate
Secure Sockets Layer (SSL)
The iDRAC6 includes a Web server that is configured to use the
industry-standard SSL security protocol to transfer encrypted data over a network.
Built upon public-key and private-key encryption technology, SSL is a widely
accepted technology for providing authenticated and encrypted communication
between clients and servers to prevent eavesdropping across a network.
An SSL-enabled system can perform the following tasks:
•
Authenticate itself to an SSL-enabled client
•
Allow the client to authenticate itself to the server
•
Allow both systems to establish an encrypted connection
The encryption process provides a high level of data protection. The iDRAC6
employs the 128-bit SSL encryption standard, the most secure form of
encryption generally available for Internet browsers in North America.
The iDRAC6 Web server has a Dell self-signed SSL digital certificate (Server
ID) by default. To ensure high security over the Internet, replace the Web
server SSL certificate with a certificate signed by a well-known certificate
authority. To initiate the process of obtaining a signed certificate, you can use
the iDRAC6 Web interface to generate a Certificate Signing Request (CSR)
with your company's information. You can then submit the generated CSR to
a Certificate Authority (CA) such as VeriSign or Thawte.
64
Configuring the iDRAC6 Using the Web Interface