Dell

Prerequisites

  • iDRAC integration is enabled using the Redfish API. Redfish API is enabled by default in most iDRAC9 and iDRAC10 firmware versions. However, if it is disabled or access is restricted, enable it via the iDRAC GUI , navigate to:iDRAC Settings > Services > Redfish.
  • The onboarding user for iDRAC must have the Operator role assigned.
  • Verify that the target server’s FQDN or IP Address is reachable from the cloud connector.

Onboarding Dell

  1. Go to (Menu) > CERT+ > ADMINISTRATION > Device Management.
    By default, the ADC tab opens.
  2. Click the Server tab.
  3. Click the (Add) icon.
  4. Select Dell logo from the Vendors list.
  5. In the Server Details section, enter details as mentioned below.
    Table 1. Server Details - Field Description Table
    Fields Description
    *Server Type Select Server type has default value iDRAC (Integrated Dell Remote Access Controller).
    *Server name Enter the name of the designated Dell iDRAC server.
    *IP address/ FQDN Enter the valid IP address or fully qualified domain name (FQDN) of the device being onboarded. It is used for device communication and integration with the server.
    HTTPS Port Use the HTTPS Port enabled in the iDRAC webserver setting.
    Note: Default value is 443.
    Data center Choose the desired data center.
    Onboarding Group Select the onboarding group to assign the device.
    Note: Devices without an assigned group are automatically mapped to the Default group during migration, onboarding, and when edited without existing group mappings.
    Proxy required To enable communication through proxy servers select the checkbox.
    Note: By default, the checkbox is not selected.
    Cert sync Choose from any of the following:
    • Managed - AppViewX performs the config fetch operations and the certificates are discovered and managed in the inventory. CLM actions (push & bind, rollback etc.) can be performed on them.
    • Monitored - AppViewX performs the config fetch operations and the certificates are downloaded in the inventory in the read-only state. CLM actions cannot be performed on them.
    • Ignored - AppViewX only performs the config fetch operations for the devices. There is no certificate discovery performed.
    *: Mandatory fields
  6. In the Credentials section, select/enter the details as follows.
    Table 2. Credentials - Field Description Table
    Fields Description
    *Credential Type Select the credential type from the dropdown.
    • Manual entry (default)
    • All supported Internal and external vault
    Note:

    If the Credential Type is selected, the *Credentials list dropdown field is displayed. Select any of the preconfigured credential values.
    *Username Enter the designated username for authentication.
    *Password Enter the secure password.
    *: Mandatory fields
  7. Click Save.
    The Dell iDRAC device is onboarded successfully.

Enroll Certificate

Prerequisites and Validation Rules for Endpoint CSR generation:

The following fields are mandatory and must be validated:

  • Common Name
  • Organization
  • City
  • State
  • Country
  • Organizational Unit
Note: All the above fields are required. Missing any field will result in a validation error with a user-friendly message.
Validation Rules
  • All the above fields are required. Missing any field should result in a validation error with a user-friendly message.
  • Alternative Names:
    • Valid DNS entries.
    • Can only include letters, numbers, and dots (.), and must not contain spaces, underscores (_), or other special characters.
  • Common Name, Organization, City, State, and Country must:
    • Only letters, numbers, dots (.), spaces, and underscores (_) are allowed.
    • Other special characters are not permitted.
  • Key Type and Size Constraints (iDRAC-specific):
    • iDRAC primarily supports the RSA key type.
    • DSA and Elliptic Curve (EC) key type is not supported
    • By default, iDRAC uses RSA 2048-bit keys with SHA-256 for cryptographic operations.

Discovery Certificate

AppViewX discovers the certificate from the iDRAC SSL/TLS settings and creates the following profiles.
  • {deviceName}:@adminPortal
  • {deviceName}:@adminPortal:@customSigningCertificate
Note: Private keys cannot be exported.

Push Certificate

  • Use {deviceName}:@adminPortal profile will be used to push both SSL/TLS Certificate Signing Request and SSL/TLS Custom Certificate
  • Use the {deviceName}:@adminPortal:@customSigningCertificate profile to push only the custom signing certificate. Once pushed, iDRAC will generate a self-signed certificate that is signed using the provided custom signing certificate
  • After the certificate is pushed, iDRAC automatically performs a reset. During this process, iDRAC may be temporarily unavailable for a few minutes.
    Note: The existing certificate remains active until the reset is completed.

Validating the Device

After the device is onboarded successfully, follow the steps to validate the device communication with AppViewX:
  1. Go to ADMINISTRATION > Device Management.
    By default, the ADC tab opens.
  2. Click the Server tab.
    The Server Inventory page is displayed.
  3. Check that the device name appears in the inventory (Name column) with the specified CertSync status (Status Column).
    The status column will have the value Managed/Monitored/Ignored based on the CertSync status if the connection is successful or displays Failed/Unresolved in case of failure.
  4. From the Status column, click the Managed/Monitored.
    Device Status Log pop-up is displayed.
  5. Expand each value in the pop-up to know the Device communication, Device Version, Instance Information, and Certificate Discovery From Device.

What's Next

Once you have onboarded and validated the device connection, you are ready to proceed with the any of the following certificate actions: