Перейти к основному содержимому
  • Простое и быстрое размещение заказов
  • Просмотр заказов и отслеживание состояния доставки
  • Создание списка продуктов и доступ к нему

How to Create a Domain or Third-Party Certificate for Dell Data Security / Dell Data Protection Server

Сводка: A certificate may be created for a Dell Data Security / Dell Data Protection server using these instructions.

Данная статья применяется к Данная статья не применяется к Эта статья не привязана к какому-либо конкретному продукту. В этой статье указаны не все версии продуктов.

Симптомы

A Dell Data Security (formerly Dell Data Protection) server may use a certificate that is provided by a third-party or internal certificate authority (CA).


Affected Products:

Dell Security Management Server
Dell Security Management Server Virtual
Dell Data Protection | Enterprise Edition
Dell Data Protection | Virtual Edition

Affected Versions:

v8.0.0 to Later


Причина

Not applicable.

Разрешение

To use a CA certificate, Dell Data Security server requires:

  • A certificate signing request (CSR) to be submitted to the CA.
  • A CA signed certificate (.cer) and private key to be converted to a Personal Information Exchange Format (PFX).

Click the appropriate action for more information.

CSR

To create a CSR:

  1. Right-click the Windows Start menu and then click Run.

Run

  1. In the Run UI, type MMC and then press OK.

Run UI

  1. From the Microsoft Management Console, select File, and then Add/Remove Snap-in.

Add/Remove Snap-in

  1. Select Certificates and then click Add.

Certificates

  1. Select Computer account and then click Next.

Computer account

  1. With Local computer selected, click Finish.

Local computer

  1. Click OK.

Adding Certificates snap-in

  1. In Console Root, expand Certificates.

Expanding Certificates

  1. Right-click Personal, select All Tasks, Advanced Operations, and then click Create Custom Request.

Create custom request

  1. Click Next.

Before You Begin

  1. Under Custom Request, select Proceed without enrollment policy and then click Next.

Select Certificate Enrollment Policy

  1. From the Custom request menu:
    1. Select template: (No template) Legacy key
    2. Select format: PKCS #10
    3. Click Next.

Custom request

  1. Expand Details and then click Properties.

Certificate Information

  1. In the General tab, populate the Friendly name and Description.

General tab

  1. In the Subject tab:
    1. From subject name, populate and then Add:
      1. Common name (CN)
      2. Organization
      3. Locality
      4. State
      5. Country
    2. From alternative name, populate the Dell Data Security server DNS and then click Add.

Subject tab

  1. In the Private Key tab:
    1. Expand Cryptographic Service Provider.
    2. Select Microsoft RSA SChannel Cryptographic Provider.
    3. Expand Key options.
    4. Select key size: 2048.
    5. Check Make private key exportable.
    6. Click OK.

Private Key tab

  1. Click Next.

Certificate Information

  1. Browse to a location to save the file and then click Finish.

Destination folder

Note: The CSR output can now be submitted to a third-party provider or internal certificate authority (CA).
PFX

To export a .pfx:

  1. Bring the CA signed certificate (.cer) to the machine where the CSR originated from.
  2. Right-click the .cer file and then click Install Certificate.

Install Certificate

Note: certtest.cer is an example certificate name. The certificate name may differ in your environment.
  1. In the Certificate Import Wizard, select Local Machine and then click Next.

Local Machine

  1. Select:
    1. Select Place all certificates in the following store.
    2. Click Browse.
    3. Click Personal.
    4. Click OK.
    5. Click Next.

Certificate Store

  1. Click Finish.

Completing the Certificate Import Wizard

  1. Click OK.

Successful import

  1. Right-click the Windows start menu and then click Run.

Run

  1. In the Run UI, type MMC and then press OK.

Run UI

  1. From Microsoft Management Console, select File, and then Add/Remove Snap-in.

Add/Remove Snap-in

  1. Select Certificates and then click Add.

Certificates

  1. Select Computer Account and then click Next.

Computer account

  1. With Local computer selected, click Finish.

Local computer

  1. Click OK.

Adding Certificates snap-in

Note: Ensure the root certificate of the third-party provider or internal CA is installed in trusted root certificates.
  1. Go to Certificates, Personal, and then Certificates.

Certificates

  1. Right-click the imported certificate (step 5), click All Tasks, and then click Export.

Export

  1. Click Next.

Certificate Export Wizard

  1. With Yes, export the private key selected, click Next.

Exporting the private key

  1. From the Export File Format menu:
    1. Select Personal Information Exchange - PKCS #12 (.PFX).
    2. Check Include all certificates in the certification path if possible.
    3. Check Export all extended properties.
    4. Click Next.

Export File Format

  1. Enter and confirm the Password. Once populated, click Next.

Security

  1. Browse to a location to save the .pfx and then click Next.

File to export

  1. Click Finish.

Completing the Certificate Export Wizard

  1. Click OK.

Successful export

  1. If using:
    • Dell Security Management Server Virtual (Formerly Dell Data Protection | Virtual Edition), go to Step 24
    • Dell Security Management Server (Formerly Dell Data Protection | Enterprise Edition), the .pfx creation process is completed.
  2. To successfully upload a .pfx, Dell Security Management Server Virtual requires:
    • A completed .pfx
    • A third-party FTP (file transfer protocol) client.
      • Examples of an FTP client include (but are not limited to):
        • Filezilla
        • WinSCP
        • FireFTP
Note:
  • Dell does not endorses or support any listed third-party product. The listed clients are meant to be an example of potential products a customer can use. Contact the product’s manufacturer for information about setup, configuration, and management.
  • Your FTP Client UI may differ from the below screenshot examples.
  1. Launch the FTP client.
  2. In the FTP client, Log in with an FTP user to the Dell Security Management Server Virtual.

FTP client login

Note: An FTP user must be created within the Dell Security Management Server. Reference How to Create an FTP User in Dell Security Management Server Virtual / Dell Data Protection Virtual Edition for more information.
  1. Go to /certificates/.

Certificate directory

  1. Move the .pfx from where it was saved (Step 20) to /certificates/.

Move the .pfx

  1. Close the FTP client.

To contact support, reference Dell Data Security International Support Phone Numbers.
Go to TechDirect to generate a technical support request online.
For additional insights and resources, join the Dell Security Community Forum.

Дополнительная информация

 

Видео

 

Затронутые продукты

Dell Encryption
Свойства статьи
Номер статьи: 000125477
Тип статьи: Solution
Последнее изменение: 20 Dec 2022
Версия:  10
Получите ответы на свои вопросы от других пользователей Dell
Услуги технической поддержки
Проверьте, распространяются ли на ваше устройство услуги технической поддержки.