Hello,
On a Poweredge R610 with iDRAC6 v. 1.97 (Build 02), I export the CSR via the webgui :
myServer.csr
Then on the server that manages our own CA, using easy-rsa, I have copied this csr into the easy-rsa/keys directory, then ran :
./sign-req myServer
and it is generating :
myServer.crt
that I tried to upload via the webgui SSL tab.
It is failing with the error :
"Certificate upload failed."
I then tried to upload this same file via the racadm command line :
PS C:\temp> racadm -r myServer -u root -p xxxxx sslcertupload -t 1 -f myServer.crt
Security Alert: Certificate is invalid - Certificate is not signed by Trusted Third Party
Continuing execution. Use -S option for racadm to stop execution on certificate-related errors.
ERROR: Unable to perform requested operation.
When I'm trying to use "-t 2", it seems to work with no error, but does not seem to do anything more (when viewing the cert. after a racadm racreset, it is still showing Dell's default cert.)
Questions :
- Why is the upload failing through webgui ? is there a simple filename extension check ?
- According to what I read, I should use -t 1, but this one is failing. What should I use ?
- In my browser, I've added our company CA. May someone confirm that what I'm trying to achieve is possible ? (use our own CA and our own self-signed certificate)