In case you happen to manage a recent DELL server with a dedicated iDRAC remote management card and you’d like to secure it by using your own certificate, you’ll have to request a certificate based on a CSR request created directly in the iDRAC web interface.

Unfortunately these CSRs have only 1024 bit keys, which get refused by some public certificate. You can’t choose the bit length in the iDRAC web interface, but luckily there is another way to make it generate 2048 or 4096 bit long keys for the CSR using racadm from Dell’s System Management Tools:

View the current configuration (all on 1 line):

racadm.exe -r [iDRAC IP] -u [user] -p [password] getconfig -g cfgRacSecurity

Change the key length to 2048 bits (all on 1 line):

racadm.exe -r [iDRAC IP] -u [user] -p [password] config -g cfgRacSecurity -o cfgRacSecCsrKeySize 2048