Product Documentation

Install a certificate and key on the LOM GUI

Citrix recommends using HTTPS to access the LOM GUI. To use HTTPS, you must replace the default SSL certificate with one from a trusted certificate authority and upload a private key to the LOM GUI.

To encrypt SNMP alerts, setup an SSL certificate and private key. In the GUI, navigate to Configuration > SSL Certification and apply the SSL certificate and private key. See the Citrix ADC Secure Deployment Guide for more information about how to securely deploy the LOM in your network. To enable encryption and learn the security measures for LOM, see http://support.citrix.com/article/CTX129514.

If you make a mistake, you must restore the BMC to the factory defaults to erase the certificate and key. Use the following shell command:

**ipmitool raw 0x30 0x41 0x1**

Note: The certificate file must contain only the certificate. The certificate and key must not be in the same file. Make sure that the certificate contains only the certificate and that the key file contains only the key.

Upload a trusted certificate and private key by using the LOM GUI

  1. Navigate to Configuration > SSL Certification.

    LOM install certificate key

  2. In the right pane, click the Choose File buttons to select a new SSL certificate and a new private key.

    LOM instal certificate key

  3. To verify that you have selected the correct certificate and private key, check the file names of the certificate and key, which appear next to the Choose File buttons.

    LOM install certificate key

  4. Click Upload. A message informs you that uploading a new SSL certificate replaces the existing (default) certificate.
  5. Click OK.

    LOM install certificate key

  6. When a message informs you that the certificate and key have been uploaded successfully, click OK to reset the device.

    LOM install certificate key The reset takes approximately 60 seconds. You are then redirected to the logon page.

    LOM install certificate key

  7. Log on to the LOM GUI by using your default credentials. Note: If the certificate or key are invalid, the BMC reboots, tries the new settings, and reverts to using the previous settings.
  8. In the address bar, click the lock icon to display the connection tab, as shown on the screen below.

    LOM install certificate key

  9. Click Certificate information to display details about the certificate that you just uploaded.

    LOM install certificate key

    Note: For the best practices for LOM and ADC security, see http://support.citrix.com/article/CTX129514.

Install a certificate and key on the LOM GUI