freeView IP 800 User’s Manual
6.4.4Certificate
Figure 6-13: Certificate Settings
The freeView IP 800 uses the Secure Socket Layer (SSL) protocol for any encrypted network traffic between itself and a connected client. During the connection establishment, the device has to expose its identity to a client using a cryptographic certificate. By default, this certificate and the underlying secret key is the same for all freeView IP 800’s and will not match the network configuration that will the device is connected to. The certificate's underlying secret key is also used for securing the SSL handshake. Hence, there is still a potential security risk when using the default SSL certificate, but it is more secure than no encryption at all.
It is possible to generate and install a new certificate that is unique for a particular freeView IP
800.In order to do this, the freeView IP 800 can generate a new cryptographic key and the associated Certificate Signing Request (CSR) that needs to be certified by a certification authority (CA). A certification authority verifies that the device and identity are legitimate and signs and issues a SSL certificate for the device.
The following steps are necessary to create and install a SSL certificate for the freeView IP 800:
•Create an SSL Certificate Signing Request using the panel shown in Figure
•Send the saved CSR to a CA for certification. Once the CA has completed their authentication process, a new certificate will be issued for the device.
58