DELL HTTPs Boot User Guide

Introduction to HTTPs Boot

HTTPs Boot is a feature that allows you to boot your computer using the HTTP protocol. There are two modes available: Auto and Manual. In Auto mode, the system will automatically use the URL provided by the DHCP response. In Manual mode, you can manually enter the boot URL or web page address. The manual boot web page address must point to a .efi file and support alphanumeric strings with a maximum of 255 characters. HTTP and HTTPS protocols are supported.

• Auto Mode—By default, the Auto Mode is selected. The boot URL is obtained from Dynamic Host Configuration Protocol (DHCP) response.
• Manual Mode—Manual mode overrides the URL provided through the DHCP response. When the Manual Mode is selected, the option Enter Boot URL is displayed. This option allows you to manually enter the boot URL or the web page address. The manual boot web page address must point to .efi file and also support:
  • An alphanumeric string.
  • A maximum of 255 characters.
  • http://and https://
    NOTE: No error message is displayed when an unsupported URL is entered.

Upload and Delete the CA Certificate

To establish a connection with the HTTP Boot server, you must upload the Certificate Authority (CA) document. The certificate must be in .pem format, support X.509 certificate with 2048-bit encryption, have a filename with a minimum of five characters including the file extension, and be valid. Only one certificate is supported, and the time zone is not considered when the certificate is validated.

To establish a connection with the HTTPs Boot server, you must upload the Certificate Authority (CA) document. The certificate must:

• ● Be in .pem format.
  ● Support X.509 certificate with a 2048-bit encryption.
  ● Support a filename with minimum five characters including the file extension.
  ● Be valid.

Upload the CA certificate

Prerequisites: You must have the certificate available in an external storage USB drive, and it must be connected to the system.

1. Turn on or restart your computer.
2. Press F2 to enter BIOS Setup.
   • Note: When your system turns on, keep tapping the F2 key continuously for the BIOS Setup page to appear.
3. In the left pane, click Connection. The Connection page is displayed.
4. Click Upload, and select the certificate from the external storage drive. The certificate information such as owner, thumbprint, and validity are displayed.
5. Verify the information that is displayed and click Yes.

The CA certificate is uploaded, and the thumbprint is displayed in the Connection page.

Topics:

• Upload the CA certificate
• Delete the CA certificate

Delete the CA certificate

About this task: The existing CA certificate must be deleted to upload a new certificate.

1. Turn on or restart your computer.
2. Press F2 to enter BIOS Setup.
   • Note: When your system turns on, keep tapping the F2 key continuously for the BIOS Setup page to appear.
3. In the left pane, click Connection. The Connection page is displayed.
4. Click Delete.

The CA certificate is deleted, and the message “CA Certificate not provisioned” is displayed.

Results
The CA certificate is uploaded, and the thumbprint is displayed in the Connection page.

About this task
The existing CA certificate must be deleted to upload a new certificate.

Steps

1. Turn on or restart your computer.

2. Press F2 to enter BIOS Setup.
   NOTE: When your system turns on, keep tapping the F2 key continuously for the BIOS Setup page to appear.

3. In the left pane, click Connection. The Connection page is displayed.

4. Click Delete.

Results
The CA certificate is deleted, and the message CA Certificate not provisioned is displayed.

Launch HTTPs Boot

Prerequisites

•  Ensure that your system is connected to an electrical outlet.
• Ensure that the UEFI network stack is enabled.
• Ensure that the HTTP(s) Boot Feature is enabled.
• Select the required boot mode.
• Ensure that the CA certificate is uploaded.

Steps

1. Turn on or restart your computer.

2. Press the F12 key until the one time boot menu is displayed.
   NOTE: If you wait too long and the operating system logo is displayed, wait until you see the Windows desktop, restart your computer, and try again. When your system turns on, keep tapping the F12 key continuously for the one- time boot menu to appear.

3. Go to UEFI Boot Devices.

4. Select UEFI HTTPs Boot.
   NOTE: If the BIOS is admin password protected then you will be prompted to enter the password.

5. Connect to a wired or wireless network.
   NOTE: If a wired network is available, the HTTP(s) Boot Feature uses the wired network as the default interface.
   The following screen with server domain information is displayed when BIOS admin password is not configured or when the password is removed.

6. To connect to a wireless network perform the following steps:
   a. Select a wireless network icon from the list of available networks.
   NOTE: The blue bar in the wireless icon indicates the signal strength, and the small lock on the upper right of the icon indicates a secure access point.
   b. Depending on the type of wireless network, perform one of the following steps:

   • For a secured wireless network, enter the password and click Connect.
   • For an unsecured wireless network, click Connect.

HTTPs Boot default settings

The HTTPs Boot settings can be reset to the default values using one of the following methods:

• Use the LOAD DEFAULTS option in BIOS setup.
• Reset the BIOS admin password.
• Reset the CMOS battery.

Topics:

•  Enable Load Defaults option
• HTTPs Boot and admin password

Enable Load Defaults option

Steps

1. Turn on or restart your computer.

2. Press F2 to enter BIOS Setup.
   NOTE: When your system turns on, keep tapping the F2 key continuously for the BIOS Setup page to appear.

3. In the left pane, click Connection. The Connection page is displayed.

4. Click LOAD DEFAULTS.

Results
Table 1. HTTPs Boot settings default value

HTTPs Boot and admin password

You can modify the HTTPs Boot modes when the BIOS admin password is not configured.

When the password is configured, the HTTPs Boot options are disabled, and the password must be entered to modify the HTTPs Boot options. Asterisks (*) symbol is displayed in the manual boot URL for security reasons.

When the password is removed, all the HTTPs Boot options are restored to default values. The manual boot URL and the certificate are deleted. The HTTPs boot mode is set to Auto. For more information about BIOS admin password, see How to Reset or Clear the BIOS Password documents at https://www.dell.com/support.

Dell Command | Configure

Dell Command | Configure is a software package that provides BIOS configuration capability for Dell client systems. IT administrators can use this tool to configure BIOS settings and create BIOS packages using the Dell Command | Configure User Interface (UI) or Command Line Interface (CLI).
HTTPs Boot can be enabled or disabled using DCC tool.
The enable and disable options are password protected. If password protection is enabled, the password must be entered while modifying the attributes.
The HTTPs Boot feature operates in either Auto or Manual mode. By default, the Auto Mode is selected and the boot mode cannot be changed using the DCC tool.
For more information about DCC tool, see Dell Command Configure documents at https://www.dell.com/support.

Notifications

The following table provides a summary of different types of notifications that are displayed: Table 2. Notification messages

●    You enter the wrong URL format.

●    The URL does not have the file extension or if the file extension is available but not in .efi format.

●    The URL does not have either http:// or https:// prefix to it.

| Enter the correct URL.
Certificate error| This error occurs while uploading the CA certificate.| Upload the certificate again.
Unable to join the network. Check router and password.| The system is unable to establish a connection to a network or an access point.| ●    Ensure that the password entered is correct.

●    If the issue persists, try connecting through a different router.

Manual URL is not set. Please boot to HTTPs Boot settings (press F2) and set the URL.| The manual URL was not updated after selecting the manual mode.| Enter the URL manually in the BIOS Setup page.
Could not retrieve Network Boot Program (NBP) file size from HTTP server. Please check the network connection or contact network admin.| This message is displayed when:

●    You try connecting to HTTPs Boot server but failed to connect.

●    The NBP file is not available.

●    TLS handshake fails if the URL is HTTPs.

●    There is a certificate mismatch.

●    The packet timeouts.

●    There is a mismatch in the NBP image type.

| ●    Check the location of the NBP file on the path mentioned in the DHCP start-up file URL.

●    Check the certificate for the URL type. If the error is due to a certificate issue, use HTTP URL in place of HTTPs.

Either Enable WLAN in BIOS setup options or Use Wired/Internet interface. Then restart to resume the operation.| This message is displayed when:

●    There is no LAN cable connected, and the WLAN option in BIOS Setup is not enabled to use a wireless network.

●    The wireless initialization fails.

| Restart the process:

●    After enabling the WLAN option in BIOS Setup.

●    By connecting using a wired network.

●    After updating the BIOS.

Failed to find IP address.| This message is displayed when:

●    The system is not able to acquire IP addresses through Dynamic Host Configuration Protocol (DHCP).

●    There is no DHCP server that is connected to the network.

| ●    Check if the DHCP server is providing the start-up file URL in the DHCP offer packet.

●    Select the manual mode and enter the URL manually when the DHCP server cannot be configured. For more information about HTTPs Boot Modes, see Introduction to HTTPs Boot

Access forbidden, only HTTPs connection allowed. Please check that you have a valid URL.| The CA certificate is uploaded, and you try to connect to HTTPs server with an HTTP URL.| Enter a valid HTTPs URL.
No networks found.| There are no WiFi networks available to connect.| Check available WiFi network and signal strength.
Failed to initialize network connection.| The system is unable to configure both the wired and the wireless network.| For Wired connection:

●    Ensure that the system has LAN over Motherboard (LOM).

●    Ensure that a Type-C dock is connected if it is a non-LOM system.

Invalid URL address. Please boot to HTTPs Boot settings (press F2) and check that you have a valid URL.| The URL received from the DHCP response is invalid.| In the BIOS setup page, enter a valid URL in HTTPs Boot settings.

For information about how to set up or configure HTTP Boot on the server side, see the following web pages:

• UEFI HTTP Boot
• Configure HTTP Server and Build Client

Read User Manual Online (PDF format)

Read User Manual Online (PDF format)  >>

Download This Manual (PDF format)

Download this manual  >>