So I have a few “hand me down” dell servers. The ones I use right now have iDRAC 7 in them. I have always been annoyed at the SSL warning that comes up. I thought about rolling my own CA and generating my own certs. I shot that down though as some times I pull up the iDRACs remotely from systems where I don’t want to install the custom root cert. I finally took the time to figure out how to take the Let’s Encrypt free SSL cert and apply it to the iDRACs. This is mainly due to they started issuing wildcard certs as of today.
So step one, reissue all my certs into one nice wildcard cert. Took a bit of effort but to make things simple for others that may find this. Install certbot-auto on a linux system and run something like:
./certbot-auto certonly --rsa-key-size=4096 -d domain.com -d *.domain.com --server https://acme-v02.api.letsencrypt.org/directory --manual
Follow the prompts and setup the verification checks as requested. If all goes well you will get a nice little dump of you have a new cert and it lives at /etc/letsencrypt/live/domain.com/.
From there I scp’ed the private key and the full chain down to my windows vm where I have racadm installed. For quick finding for those that need racadm installed on a windows system. (Download, unzip, run installer, good to go) After that all that was needed is to run 3 commands in a command prompt in the directory where the two files I scp’ed to the system.
racadm -r idrac1.domain.com -u adminuser -p adminpass sslkeyupload -t 1 -f privkey.pem
racadm -r idrac1.domain.com -u adminuser -p adminpass sslcertupload -t 1 -f fullchain.pem
After the iDRAC reset itself after those commands, I now had a shiny and valid SSL cert. There can be a small hiccup, and you may get a system that says “The Remote RACADM interface is disabled”. As long as you have trust in your firewalls, Overview->iDRAC Settings->Network->Services->Remote RACADM->Tick the enabled box and apply.
Next up to see if I can make Java not complain when loading the virtual console. Or perhaps scripting this some how to automatically check daily if new cert was issued and pull/push.
So with this new server I am setting up I wanted to install the Dell OpenManage software but got a headache from doing so. Just about everything I was finding was pointing me to CentOS based info and I am using an Ubuntu based system. Hence my headache. After hours of googling I finally found the page I did and it helped me get Dell OpenManage installed. Of course I had to mangle their instructions some but it was not to bad. Below is what I used and a link to the page that was helpful.
sudo echo 'deb http://linux.dell.com/repo/community/ubuntu trusty openmanage' | sudo tee -a /etc/apt/sources.list.d/linux.dell.com.sources.list
gpg --keyserver hkp://pool.sks-keyservers.net:80 --recv-key 1285491434D8786F ; gpg -a --export 1285491434D8786F | sudo apt-key add -
sudo apt-get update
sudo apt install srvadmin-base srvadmin-storageservices srvadmin-idrac7
# sudo apt install srvadmin-webserver
# sudo service dsm_om_connsvc start && sudo update-rc.d dsm_om_connsvc defaults
I ran into an issue recently where I tracked back that the systemd resolver was trying to be a tad to helpful and causing me pain through DNS. So I set out to kill and keep it disabled across reboots. In some quick googling I found a good answer on askubuntu.com.
Regurgitating what the answer is for my reference later and for anyone to find. (Along with a reference link below)
- Disable systemd-resolvd service:
sudo systemctl disable systemd-resolved.service
sudo systemctl disable systemd-resolved-update-resolvconf.service
sudo service systemd-resolved stop
- If file exists, add to “[main]” section in /etc/NetworkManager/NetworkManager.conf
- Delete symlink and replace /etc/resolv.conf
- Restart network-manager
sudo service network-manager restart
The newer version of the play store on Android phones moved the check box from what I would call a ideal location to one that while makes sense is the last place I would check.
For my personal note and anyone that find this:
Home screen, press hold
Scroll to bottom, toggle 'Add icon to Home screen'
I use a Nexus 6P as my day to day driver despite my phone having the early shutdown bug with the battery. (Currently working on getting an RMA, come on google I am at 4wks now waiting for outbound shipment.) I stumbled upon something that I just wanted to bookmark for use just in case I ever needed to find this again. Instead of a regular bookmark I figured it would be better if I made a public posting and linked the original artical.
settings put global wifi_wakeup_available 1
settings put global wifi_wakeup_enabled 1