
Enabling SSL on a Domain Controller
If you plan to use Microsoft Enterprise Root CA to automatically assign SSL certificates to all your domain controllers, you must perform the following steps to enable SSL on each domain controller, if you have not previously done so.
1.
   a. Select Start - Control Panel - Add or Remove Programs.
   b. Select Add/Remove Windows Components.
   c. In the Windows Components Wizard, select the Certificate Services check box.
   d. Select Enterprise root CA as CA Type and click Next.
   e.
2.
   a. Click Start - Administrative Tools - Domain Security Policy.
   b. Expand the Public Key Policies folder, right-click Automatic Certificate Request Settings and click Automatic Certificate Request.
   c.
3. Click Next and click Finish.
To export the CA certificate:
1. Within the Windows operating system, open the Certificate Authority management tool:
   Start - All Programs - Administrative Tools - Certificate Authority.
2. You may view properties of the certificate authority by right-clicking on the authority in the tree view and selecting Properties. The CA Properties dialog box will open.
3. Click the General tab and the View Certificate button to open the Certificate dialog box.
4. Click the Details tab, then the Copy To File button. The Certificate Export Wizard will open.
5. Click Next to begin using the wizard.
6. On the Export File Format screen, select the Base-64 encoded X.509 (.CER) radio button and press the Next button.
7.
8. Press the Finish button.
The resulting certificate file is properly formatted and readable by OpenSSL.
The Tools tab allows the user to upload a CA certificate to the Remote Console Switch. This tool is only available when LDAP Authentication is enabled on the Authentication Panel of the appliance's AMP.
In general, it will be necessary to upload the CA certificate only once; however, it will have to be uploaded again if the certificate is revoked, if it expires, or if "Restore Factory Defaults" is selected from the serial console menu.
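A check to run on the exported .CER file before sending it to the Remote Console Switch, covering the Base-64 format chosen in the export wizard and the expiry condition mentioned above. This is an added example, not part of the original documentation; the function name check_ca_export, its exit codes, the CA:TRUE test and the 30-day default are assumptions.

```shell
#!/bin/sh
# Added example: pre-upload check of an exported CA certificate.
# check_ca_export and its exit codes are illustrative, not part of the product.
# Usage: check_ca_export FILE [MIN_DAYS_VALID]   (default 30 days, an assumption)
check_ca_export() {
    file=$1
    min_days=${2:-30}

    [ -r "$file" ] || { echo "cannot read: $file" >&2; return 1; }

    # The Base-64 encoded X.509 (.CER) export is PEM text with a BEGIN line.
    # A DER encoded binary export has no such line.
    if ! grep -q -e '-----BEGIN CERTIFICATE-----' "$file"; then
        echo "not Base-64 (PEM): re-export with the Base-64 option" >&2
        return 2
    fi

    # Confirm OpenSSL can parse it (CRLF line endings from Windows are fine).
    if ! openssl x509 -in "$file" -noout 2>/dev/null; then
        echo "OpenSSL cannot parse $file" >&2
        return 3
    fi

    # A v3 CA certificate carries basicConstraints CA:TRUE; a server
    # certificate exported by mistake does not.
    if ! openssl x509 -in "$file" -noout -text | grep -q 'CA:TRUE'; then
        echo "not a CA certificate (no CA:TRUE)" >&2
        return 4
    fi

    # -checkend exits non-zero if the certificate expires within N seconds.
    if ! openssl x509 -in "$file" -noout \
            -checkend $((min_days * 86400)) >/dev/null; then
        echo "expires within $min_days days: plan a re-upload" >&2
        return 5
    fi

    # Subject, expiry and fingerprint to record alongside the upload.
    openssl x509 -in "$file" -noout -subject -enddate -fingerprint -sha256
}
```

Call it as `check_ca_export ca.cer 60` to require at least 60 days of remaining validity; exit status 0 means the file passed every check.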
Figure 9-3. Remote Console Switch Software - Send Security Certificate
After sending the Security Certificate, the following window displays.
Figure 9-4. Remote Console Switch Software - Send Certificate
You can browse to a certificate and open it. Once the certificate is open and its contents are displayed, the user can then send the certificate to the appliance.