9: Administration
SGX 5150 IoT Device Gateway User Guide 111
To Upload an Authority Certificate
You can upload SSL authority, RSA, or DSA certificates.
To upload a trusted authority certificate:
1. In the Web Manager, click the Administration tab.
2. Click SSL.
3. Click Trusted Authorities.
4. Click Browse... to browse to and select an authority certificate.
5. Select the New Certificate Type from the drop-down window:
   - If you select SSL authority, RSA, or DSA certificates, select PEM or PKCS7.
   - If the Web Manager determines that the certificate is an authority certificate type, the field updates to PKCS12 automatically. For PKCS12 certificates, type a Password.
   Notes:
   - Ensure that the certificate is formatted properly with a valid open and close tag.
   - Ensure that the Private Key is associated to the selected certificate and that it is formatted properly with a valid open and close tag.
   - If the New Certificate field is set to None, the certificate is not supported.
6. Click Submit.
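A pre-upload check for the notes under step 5, as an added example that is not part of the user guide: it verifies that each PEM block in a file has matching open and close tags and a decodable base64 body. It does not test whether a private key belongs to a certificate; the function name, the label set and the sample data are assumptions made for this example.

```python
import base64
import re

# Block types for the uploads this page names (PEM/PKCS7 certificates, RSA/DSA keys).
# Assumption: the exact set of labels the Web Manager accepts is not given in the guide.
KNOWN_LABELS = {"CERTIFICATE", "PKCS7", "RSA PRIVATE KEY", "DSA PRIVATE KEY", "PRIVATE KEY"}
TAG = re.compile(r"^-----(BEGIN|END) ([A-Z0-9 ]+)-----$")

def check_pem(text):
    """Return (labels of well-formed blocks of a known type, list of problems)."""
    labels, problems = [], []
    open_label, body = None, []
    for n, line in enumerate(text.splitlines(), 1):
        line = line.strip()
        m = TAG.match(line)
        if m and m.group(1) == "BEGIN":
            if open_label:
                problems.append(f"line {n}: BEGIN {m.group(2)} before END {open_label}")
            open_label, body = m.group(2), []
        elif m:  # a well-formed END tag
            if open_label is None:
                problems.append(f"line {n}: END {m.group(2)} without an open tag")
            elif m.group(2) != open_label:
                problems.append(f"line {n}: END {m.group(2)} closes BEGIN {open_label}")
            else:
                try:
                    der = base64.b64decode("".join(body), validate=True)
                except ValueError:  # binascii.Error is a ValueError subclass
                    der = b""
                if not der:
                    problems.append(f"line {n}: {open_label} body is empty or not valid base64")
                elif open_label not in KNOWN_LABELS:
                    problems.append(f"line {n}: unexpected block type {open_label}")
                else:
                    labels.append(open_label)
            open_label = None
        elif line.startswith("-----"):
            problems.append(f"line {n}: malformed tag {line!r}")
        elif open_label and line and ":" not in line:  # skip "Proc-Type:"-style headers
            body.append(line)
    if open_label:
        problems.append(f"BEGIN {open_label} has no close tag")
    if not labels and not problems:
        problems.append("no PEM block found")
    return labels, problems

# Constructed sample: the body encodes a placeholder string, not a real certificate.
BODY = base64.b64encode(b"constructed placeholder, not real DER " * 3).decode()
GOOD = f"-----BEGIN CERTIFICATE-----\n{BODY[:64]}\n{BODY[64:]}\n-----END CERTIFICATE-----\n"
print(check_pem(GOOD))
```

An empty problem list means only that the file is structurally sound; the certificate contents and the key association still have to be verified separately.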
CSR (Certificate Signing Request)
The SGX 5150 unit uses the Secure Socket Layer (SSL) protocol for any encrypted network traffic
between itself and a connected client. During connection establishment, the SGX 5150 unit has
to prove its identity to the client using a cryptographic certificate. Upon leaving the factory, this
certificate and the underlying secret key are the same for all SGX 5150 units and will not match the
network configuration where the unit is installed. The certificate's underlying secret key is also used for
securing the SSL handshake. Leaving the default certificate unmodified is all right in most
circumstances; replacing it is necessary only if the network facility is vulnerable to
man-in-the-middle attack.
It is possible to generate and install a new base64-encoded X.509 certificate that is unique for a
particular SGX 5150 unit. The SGX 5150 unit is able to generate a new cryptographic key and the
associated Certificate Signing Request (CSR) that needs to be certified by a certification authority
(CA).
To create and install an SSL certificate, perform the following steps.
1. On the Administration page, click SSL > CSR (Certificate Signing Request). The
Certificate Signing Request page displays.
2. Modify the following fields:
Table 9-44 SSL CSR (Certificate Signing Request)

Field                     Description
Country (2 Letter code)   Enter the two-letter ISO code (e.g., US for the United States) for the country where the organization is located.
State/Province            Enter the state or province where the organization is located.