Skip to main content
  • Place orders quickly and easily
  • View orders and track your shipping status
  • Create and access a list of your products
Some article numbers may have changed. If this isn't what you're looking for, try searching all articles. Search articles

How to Create a Domain or Third-Party Certificate for Dell Data Security / Dell Data Protection Server

Summary: A certificate may be created for a Dell Data Security / Dell Data Protection server using these instructions.

This article applies to This article does not apply to This article is not tied to any specific product. Not all product versions are identified in this article.

Symptoms

A Dell Data Security (formerly Dell Data Protection) server may use a certificate that is provided by a third-party or internal certificate authority (CA).


Affected Products:

Dell Security Management Server
Dell Security Management Server Virtual
Dell Data Protection | Enterprise Edition
Dell Data Protection | Virtual Edition

Affected Versions:

v8.0.0 to Later


Cause

Not applicable.

Resolution

To use a CA certificate, Dell Data Security server requires:

  • A certificate signing request (CSR) to be submitted to the CA.
  • A CA signed certificate (.cer) and private key to be converted to a Personal Information Exchange Format (PFX).

Click the appropriate action for more information.

CSR

To create a CSR:

  1. Right-click the Windows Start menu and then click Run.

Run

  1. In the Run UI, type MMC and then press OK.

Run UI

  1. From the Microsoft Management Console, select File, and then Add/Remove Snap-in.

Add/Remove Snap-in

  1. Select Certificates and then click Add.

Certificates

  1. Select Computer account and then click Next.

Computer account

  1. With Local computer selected, click Finish.

Local computer

  1. Click OK.

Adding Certificates snap-in

  1. In Console Root, expand Certificates.

Expanding Certificates

  1. Right-click Personal, select All Tasks, Advanced Operations, and then click Create Custom Request.

Create custom request

  1. Click Next.

Before You Begin

  1. Under Custom Request, select Proceed without enrollment policy and then click Next.

Select Certificate Enrollment Policy

  1. From the Custom request menu:
    1. Select template: (No template) Legacy key
    2. Select format: PKCS #10
    3. Click Next.

Custom request

  1. Expand Details and then click Properties.

Certificate Information

  1. In the General tab, populate the Friendly name and Description.

General tab

  1. In the Subject tab:
    1. From subject name, populate and then Add:
      1. Common name (CN)
      2. Organization
      3. Locality
      4. State
      5. Country
    2. From alternative name, populate the Dell Data Security server DNS and then click Add.

Subject tab

  1. In the Private Key tab:
    1. Expand Cryptographic Service Provider.
    2. Select Microsoft RSA SChannel Cryptographic Provider.
    3. Expand Key options.
    4. Select key size: 2048.
    5. Check Make private key exportable.
    6. Click OK.

Private Key tab

  1. Click Next.

Certificate Information

  1. Browse to a location to save the file and then click Finish.

Destination folder

Note: The CSR output can now be submitted to a third-party provider or internal certificate authority (CA).
PFX

To export a .pfx:

  1. Bring the CA signed certificate (.cer) to the machine where the CSR originated from.
  2. Right-click the .cer file and then click Install Certificate.

Install Certificate

Note: certtest.cer is an example certificate name. The certificate name may differ in your environment.
  1. In the Certificate Import Wizard, select Local Machine and then click Next.

Local Machine

  1. Select:
    1. Select Place all certificates in the following store.
    2. Click Browse.
    3. Click Personal.
    4. Click OK.
    5. Click Next.

Certificate Store

  1. Click Finish.

Completing the Certificate Import Wizard

  1. Click OK.

Successful import

  1. Right-click the Windows start menu and then click Run.

Run

  1. In the Run UI, type MMC and then press OK.

Run UI

  1. From Microsoft Management Console, select File, and then Add/Remove Snap-in.

Add/Remove Snap-in

  1. Select Certificates and then click Add.

Certificates

  1. Select Computer Account and then click Next.

Computer account

  1. With Local computer selected, click Finish.

Local computer

  1. Click OK.

Adding Certificates snap-in

Note: Ensure the root certificate of the third-party provider or internal CA is installed in trusted root certificates.
  1. Go to Certificates, Personal, and then Certificates.

Certificates

  1. Right-click the imported certificate (step 5), click All Tasks, and then click Export.

Export

  1. Click Next.

Certificate Export Wizard

  1. With Yes, export the private key selected, click Next.

Exporting the private key

  1. From the Export File Format menu:
    1. Select Personal Information Exchange - PKCS #12 (.PFX).
    2. Check Include all certificates in the certification path if possible.
    3. Check Export all extended properties.
    4. Click Next.

Export File Format

  1. Enter and confirm the Password. Once populated, click Next.

Security

  1. Browse to a location to save the .pfx and then click Next.

File to export

  1. Click Finish.

Completing the Certificate Export Wizard

  1. Click OK.

Successful export

  1. If using:
    • Dell Security Management Server Virtual (Formerly Dell Data Protection | Virtual Edition), go to Step 24
    • Dell Security Management Server (Formerly Dell Data Protection | Enterprise Edition), the .pfx creation process is completed.
  2. To successfully upload a .pfx, Dell Security Management Server Virtual requires:
    • A completed .pfx
    • A third-party FTP (file transfer protocol) client.
      • Examples of an FTP client include (but are not limited to):
        • Filezilla
        • WinSCP
        • FireFTP
Note:
  • Dell does not endorses or support any listed third-party product. The listed clients are meant to be an example of potential products a customer can use. Contact the product’s manufacturer for information about setup, configuration, and management.
  • Your FTP Client UI may differ from the below screenshot examples.
  1. Launch the FTP client.
  2. In the FTP client, Log in with an FTP user to the Dell Security Management Server Virtual.

FTP client login

Note: An FTP user must be created within the Dell Security Management Server. Reference How to Create an FTP User in Dell Security Management Server Virtual / Dell Data Protection Virtual Edition for more information.
  1. Go to /certificates/.

Certificate directory

  1. Move the .pfx from where it was saved (Step 20) to /certificates/.

Move the .pfx

  1. Close the FTP client.

To contact support, reference Dell Data Security International Support Phone Numbers.
Go to TechDirect to generate a technical support request online.
For additional insights and resources, join the Dell Security Community Forum.

Additional Information

 

Videos

 

Affected Products

Dell Encryption
Article Properties
Article Number: 000125477
Article Type: Solution
Last Modified: 20 Dec 2022
Version:  10
Find answers to your questions from other Dell users
Support Services
Check if your device is covered by Support Services.