Install a certificate and key on the LOM GUI

Citrix recommends using HTTPS to access the LOM GUI. To use HTTPS, you must replace the default SSL certificate with one from a trusted certificate authority and upload a private key to the LOM GUI.

To encrypt SNMP alerts, set up an SSL certificate and private key. In the GUI, navigate to Configuration > SSL Certification and apply the SSL certificate and private key. See the Citrix ADC Secure Deployment Guide for more information about how to securely deploy the LOM in your network. To enable encryption and learn the security measures for LOM, see Citrix ADC Secure Deployment Guide.

If you make a mistake, you must restore the BMC to the factory defaults to erase the certificate and key. Use the following shell command:

ipmitool raw 0x30 0x40

Note: The certificate file must contain only the certificate. The certificate and key must not be in the same file. Make sure that the certificate contains only the certificate and that the key file contains only the key.

Upload a trusted certificate and private key by using the LOM GUI

  1. Navigate to Configuration > SSL Certification.

    Install certificate key using LOM step 1

  2. In the right pane, click the Choose File buttons to select a new SSL certificate and a new private key.

    Install certificate key using LOM step 2

  3. To verify that you have selected the correct certificate and private key, check the file names of the certificate and key, which appear next to the Choose File buttons.

    Install certificate key using LOM step 3

  4. Click Upload. A message informs you that uploading a new SSL certificate replaces the existing (default) certificate.

  5. Click OK.

    Install certificate key using LOM step 5

  6. When a message informs you that the certificate and key have been uploaded successfully, click OK to reset the device.

    Install certificate key using LOM step 6A

    The reset takes approximately 60 seconds. You are then redirected to the logon page.

    Install certificate key using LOM step 6B

  7. Log on to the LOM GUI by using your default credentials. Note: If the certificate or key is invalid, the BMC reboots, tries the new settings, and reverts to using the previous settings.

  8. In the address bar, click the lock icon to display the connection tab, as shown in the following screenshot.

    Install certificate key using LOM step 8

  9. Click Certificate information to display details about the certificate that you uploaded.

    Install certificate key using LOM step 9

    Note: Best practices for LOM and ADC security are covered in Citrix ADC Secure Deployment Guide.

Install a certificate and key on the LOM GUI