Working with the M111
Managing certificates
1.Specify the name of the certificate file or select Browse to choose one from a list. Certificates must be in PKCS #7 format.
2.Specify the PKCS #12 password.
3.Select Install to install the certificate.
Default installed private key/public key certificate chains
Note
The following private key/public key certificate chains are installed by default:
wireless.colubris.com: Default certificate used by the management tool.
When a web browser connects to the M111 using SSL, the M111 sends only its own SSL certificate to the browser. This means that if the certificate has been signed by an intermediate certificate authority, and if the web browser only knows about the root certificate authority that signed the public key certificate of the intermediate certificate authority, the web browser does not get the whole certificate chain it needs to validate the identity of the M111. Consequently, the web browser issues security warnings.
To avoid this problem, install an SSL certificate on the M111 only if it is directly signed by the root certificate authority or if you have appended all certificates that make up the chain.
Consequently, the web browser issues security warnings.
To avoid this problem, make sure that you install the entire certificate chain when you install a new certificate on the M111.
Note | An SNMP notification is generated when the M111’s SSL certificate is about to expire. |
Certificate usage
To see the services that are associated with each certificate, select Security > Certificate usage. With the factory default certificates installed, the page will look like this:
Service: Name of the service that is using the certificate. To view detailed information on the certificate select the service name.
Authenticate to peer using: Name of the certificate and private key. The M111 is able to prove that it has the private key corresponding to the public key in the certificate. This is what establishes the M111 as a legitimate user of the certificate.
Number of associated CAs: Number of CA certificates used by the service.