Installing CA signed certificates on Dell EMC Unity arrays

1 Reply

I couldn’t find a lot of documentation on installing CA signed certificates on Dell EMC Unity arrays, so here are the steps:

1. Download and install openssl on your desktop/laptop.

2. Generate a cfg file using a txt editor, save it under c:\temp\unity1 folder as unity1_cfg.txt.

Example cfg file (modify for your environment):


[ req ]
distinguished_name = req_distinguished_name
encrypt_key = no
prompt = no
string_mask = nombstr
req_extensions = v3_req
[ v3_req ]
basicConstraints = CA:false
keyUsage = nonRepudiation, digitalSignature, keyEncipherment
subjectAltName = DNS:unity1.myitblog.local
[ req_distinguished_name ]
countryName = GB
stateOrProvinceName = State
localityName = London
0.organizationName = myitblog.co.uk
organizationalUnitName = IT
commonName = unity1.myitblog.local

3. Open command prompt and navigate to C:\Program Files (x86)\GnuWin32\bin.

Run the following command:

openssl req -new -nodes -out c:\temp\unity1\unity1.csr -newkey rsa:2048 -keyout c:\temp\unity1\unity1.pk -config c:\temp\unity1\unity1_cfg.txt

You should receive a message similar to the one below:

Generating a 2048 bit RSA private key ….+++ …………………………………..+++ writing new private key to ‘unity1.pk’ —–

You will now see 2 new files in the c:\temp\unity1 folder – the csr (.csr) and private key (.pk) files.

4. Using the csr file request a Base 64 encoded CA signed certificate.

Rename certificate file to unity1.crt once downloaded.

NOTE – the cert and the private key must have the same name!!!

5. Upload the .crt and .pk files to the Unity array using WinSCP and “service” account.

Once logged to Unity via Winscp navigate to the tmp folder in the root directory and create a folder called “certs”. Then upload the 2 files into this folder.

6. SSH to Unity array using “service” account, then navigate to the ./tmp/certs folder.

Run the following command.

svc_custom_cert unity1

NOTE – replace unity1 with whatever name you’ve given to your certificate

You should receive a message similar to the one below:

Successfully installed custom certificate files. Restarting web server …

7. The browser should now trust the Unity management URL and you won’t receive a certificate error anymore.

Post Views: 7,726

One thought on “Installing CA signed certificates on Dell EMC Unity arrays

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.