Closed Bruniche closed 5 years ago
texroemer
commented
5 years ago Hi @Bruniche
In current shipping iDRAC versions, we don't support generating CSR using Redfish. As a workaround, you can use RACADM command "racadm sslcsrgen". But we are planning to add OEM support to Redfish to generate CSR in future iDRAC release.
Thanks
Bruniche
commented
5 years ago Thanks for this quick answer. Hope coming in 3.40 version ;p
texroemer
commented
3 years ago Hi @Bruniche
Wanted to give you an update that generating CSR using Redfish is now supported in iDRAC9 4.40.00 release. New script has been created and uploaded to GitHub.
Example of running the script:
C:\Python38-32>GenerateCsrREDFISH.py -ip 192.168.0.120 -u root -p calvin -g y --city Austin --commonname idrac_test --country US --email tester@dell.com --org Test --orgunit "test group" --state Texas
- INFO, generating CSR for iDRAC 192.168.0.120, this may take a few seconds to complete
- INFO, CSR generated for iDRAC 192.168.0.120
-----BEGIN CERTIFICATE REQUEST-----
MIIC/DCCAeQCAQAwgY0xCzAJBgNVBAYTAlVTMQ4wDAYDVQQIDAVUZXhhczEQMA4G
A1UEBwwHSG91c3RvbjEUMBIGA1UECgwLcHJvZHVjdFRlc3QxEzARBgNVBAsMCnRl
c3QgZ3JvdXAxEzARBgNVBAMMCmlkcmFjX3Rlc3QxHDAaBgkqhkiG9w0BCQEWDXRl
c3RAZGVsbC5jb20wggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDbMbHl
jLD+iDZ1GDGCw75JuJ1DEpK9nF90i1IIaMYZB+CzMBrdDLvUsGys2knZgkNBjAee
TUNB9CK6R5n8rbSZwrnV4yY6D7Cd9wiQ3oFopl/I4qsaA1KycWeZKcbTbbxQszQM
ycihO4CeD21MvkvL08wQ5sYFrHPLGmLvpEZo0Nbz5KvNX1OuIkHzQYYdPb0IG063
JEk4zOMH0CfHAcGkZiaFOfVlLs49v52RAojXr60hl/OktU37LKvpUBqDxHh0rnaF
WZY4IeKjcdNxNLN7xBL+00QE6nvqJRVXqt6aqWpBvwyANDfZSWK9seb0A9zQJpEH
jwAU/9eypAS1nJO5AgMBAAGgKTAnBgkqhkiG9w0BCQ4xGjAYMAkGA1UdEwQCMAAw
CwYDVR0PBAQDAgXgMA0GCSqGSIb3DQEBCwUAA4IBAQAK2YvJYh8Zuv4rCov7n8Px
owxQ/tz7HcRtQtCpABRYtErXZScBVM3M/EKhJ/5KNnFAMugs9lfB3Y1qaFeo1CIX
RSy+GTBmT5l8fQTtLYdirJHUdCvjZYfzUtRIIsmTzKZtN+wJ+30F1KA4ohysJ/yW
8cFJFWLyVBByWUVROYBN8UmU7lu7B+3HdDnfEPiy9T8N6Ohk8F6EQzPNN33RDZ3p
NcP19hi5xM1oW+KgKc/YVh79aTG/vBjwkWdHDfwhI01v5t4NpSHc2xni9nPKU4ns
Rps4xmbrXFaA5BQ4kda/hEUZrIsaZz7a/AExpcV6pf/tH0MBL+9k+ws2cQh7abGH
-----END CERTIFICATE REQUEST-----
- Generated CSR also copied to file "PowerEdgeR640_P617A11.csr"
Hello
With the last release on iDRAC 9, we can import and export certificate in redfish.
But i dont find the path to generate the local csr (with appropriate payload) and download it after to generate the good certificate by our internal PKI.
Is it possible or it's not possible yet ? Thanks.