Import Private Key & Signed Cert

[Bruniche]

Hello texroemer,

It's not an issue or bug, but more a way to use the script with good parameters.

I search a way to use this racadm command in redfish :

• racadm -r drac-hostname -u username -p password sslkeyupload -t 1 -f drac.key
• racadm -r drac-hostname -u username -p password sslcertupload -t 1 -f drac.cer

I supposed the equivalent way is in this script : ExportImportSSLCertificateREDFISH.py

But i dont understand well which param i must use in both case (private key & signed cert) 1 for \"Server\"(Web Server Certificate), 2 for \"CSC\"(Custom Signing Certificate), 3 for \"CA\"(CA certificate for Directory Service:), 4 for \"ClientTrustCertificate\"'

I want to do the same things as here, but in redfish. https://www.dell.com/support/kbdoc/en-us/000120158/dell-poweredge-how-to-import-an-externally-created-custom-certificate-and-private-key-into-the-idrac

I google a lot, but doesnt find any help

Thanks for your help.

[AiRLAC]

I second this request :)

I looked at the scripts and haven't found a way (the script is only implementing the CSR->issue CERT->Upload CERT method, so the CSR has to come from the iDRAC with this logic, which makes custom certificates not possible), so right now I'm still uploading the private key and the custom certificate with racadm.exe.

[texroemer]

Hi,

For uploading SSL signed cert using script ExportImportSSLCertificateREDFISH.py, you would use option 4 for "ClientTrustCertificate".

For uploading SSL key, this is currently not supported by Redfish (no OEM or DMTF support) but there are plans to add this support (OEM) in a future iDRAC release.

Thanks Tex

[Bruniche]

Thanks a lot Texroemer. I close this issue then & wait for a new release soon (mainly on iDRAC8) !