What to do when a Certificate Expires | AMX NI-3101-SIG specification

NetLinx Security within the Web Server

What to do when a Certificate Expires

Self-generated certificates have a duration period of approximately 30 years. Most externally requested CA certificates are generally valid for a period of approximately 1 - 5 years.

The only way to avoid a CA certificate becoming invalid due to a time expiration is to request a new certificate from your current CA.

Refer to theServer - Creating a Request for an SSL Certificate section on page 67 for more information on how to request an externally generated certificate.

NI-3101-SIG Signature Series NetLinx Integrated Controller	97

Image 107

AMX NI-3101-SIG manual What to do when a Certificate Expires

Contents

NI-3101-SIG AMX Limited Warranty and Disclaimer AMX Software License and Warranty Agreement Page Table of Contents NetLinx Security within the Web Server NetLinx Security with a Terminal Connection Programming 115 Troubleshooting 143 Page Introduction NetLinx Integrated Master Controller Features Front Panel Components NI-3101-SIG SpecificationsNI-3101-SIG Specifications Rear Panel Connectors D notation is used to represent a device number Changing the Device Address of a NetLinx Device section on Port Installation into an Equipment RackDevicePortSystem DPS Number Installation and Upgrading PRD Mode Settings Configuration Port Connections and WiringProgram Run Disable PRD mode Working with the Configuration DIP switch Modes and LED Blink Patterns Modes and Front Panel LED Blink PatternsPort Assignments and Functionality AXlink Port and LED Wiring a power connection Wiring GuidelinesWiring length guidelines Preparing captive wires Pin mini-Phoenix connector wiring diagram direct power Using the 4-pin mini-Phoenix connector for data and power Pin Signal Function RS-232 RS-422 RS-485 DB9 Device Port Connections and WiringRelay Port Connections and Wiring RS-232/422/485 Device Port Wiring Specifications Function Pin Input/Output I/O Port Connections and WiringIR/Serial Port Connections and Wiring Port Wiring Specifications NI-3101-SIG Connections Pairing LAN Ethernet/RJ-45 Port Connections and WiringIR/Serial Connector Wiring Specifications per Port LAN RJ-45 Pinouts and Signals LAN Ports Used by the NetLinx Integrated Controllers Replacing the Timekeeper BatteryLAN LEDs LAN ports used by the Integrated Controllers Connections and Wiring Page Communicating with the Master via the Program Port Overview Select Diagnostics Device Addressing from the Main menu Setting the System Value Device Addressing tab changing the system value Changing the Device Address of a NetLinx Device Using Multiple NetLinx Masters Axcess Devices use Axcess standards Using the ID Button to Change the Controller’s Device ValueRecommended NetLinx Device Numbers Example Previous DS=50011 Resetting the Factory Default System and Device Values Network Addresses dialog for a Dhcp IP Address Obtaining the Master’s IP Address using Dhcp Assigning a Static IP to the NetLinx Master Configuration and Firmware Update Communicating with the NI Device via an IP Communications Settings dialog TCP/IP Settings dialog Ex 050001 NI-700 Verifying the current version of NetLinx Master Firmware Firmware Kit File usage for NI Controllers Upgrading the On-board Master Firmware via an IP The Device number is always 0 for the NI Master Upgrading the NI Controller Firmware via IP Configuration and Firmware Update NetLinx Security within the Web Server Members of that group Accessing an Unsecured Master via an Http AddressNetLinx Security Terms NetLinx Security Terms Browser Application Frames Default Security Configuration Log In/Log Out fields Default Security Configuration case-sensitive Managing WebControl Connections Master Firmware Security Access ParametersWeb Control Feature Description Security FeaturesManage WebControl Connection Page Features Communication rights, and defining the files/directories Security FeaturesAccessible by a particular user Security System Level Security System Level Security Connector If not already logged Port. Refer to theSetting the Master’s Port Port Communication Settings Setting the system security options for a NetLinx Master Icsp Authentication Either the new or existing group Secondary window where a user can modify the rights forSecurity Group Level Security Manage Group Configure Group Properties Deleting an existing Group Adding a new GroupModifying the properties of an existing Group Properties Security User Level SecurityManage Users Configure User Properties Case sensitive and must be unique Configure Users PropertiesAdding a new User Deleting an existing User Modifying the properties of an existing User System Settings Manage System System Settings Parent device, which may require their own firmware Refreshing/Rebooting the Master updates this Online TreeManage System Page Components Each Master System Menu Changing the System Number Manage System System Menu ButtonsSystem Menu Modifying the Date/Time System Menu Controlling/Emulating Devices on the Master System Menu Rebooting the Master Select either the Control or Emulate option Valid Level Data Types and Ranges Manage System Diagnostics Diagnostics dialog showing modify popup Setting up and removing a Diagnostic Filter Remove Diagnostic Configuration DialogFeature Description Update Presets Feature Description Server Submenu Options Setting the Master’s Port ConfigurationsManage System Server Server Port Settings Modifying the Server Port Settings Done over a more secure Https connection Address field for communicationPort value Would be http//192.192.192.19299 Create an SSL Certificate dialog SSL Server Certificate Creation Procedures Server Certificate Entries Feature Description Server Certificate Field Information Server Creating a self-generated SSL Certificate Server Display SSL Server Certificate Information Server Creating a Request for an SSL Certificate Server Regenerating an SSL Server Certificate Request Server Exporting an SSL Certificate Request Common Steps for Requesting a Certificate from a CACommunicating with the CA Export SSL Certificate dialog Server Importing a CA created SSL Certificate Import SSL Certificate dialog Manage System Device Menu Buttons Device Menu Configuring the LAN SettingsNetwork Settings Dialog URL List dialog Device Menu Developing a URL List URL List dialog with entries Device Menu Changing the Device Number Device Menu Viewing the Log System Settings Manage LicenseDevice Menu Running a Diagnostic Filter Device Menu Controlling or Emulating a device Adding a new license System Settings Manage License Manage NetLinx Devices System Settings Manage NetLinx DevicesRemoving a license Each entry contains the data necessary to describe Device ListingsFirst entry lists those NetLinx Masters which have sent out NetLinx Discovery Master Announce packets NDPs Manage NetLinx Devices Binding/Unbinding Explained Manage NetLinx Devices Displaying NDP-capable devices Master in FIG Manage NetLinx Devices Obtaining NetLinx Device information Always be User-Defined devices Manage Other DevicesMaster Dynamic Devices provided to the Master via the NetLinx Dynamic Devices within the Manage Device Bindings Administrator the capability of removing existing modulesSave Settings After confirming the presence of those previously coded PC/LAN Internet either AMXs site or a device specified site for a Dynamic Device Discovery Concepts What is Dynamic Device Discovery? Be polled for devices Dddp Manage Other Devices Manage Device Bindings Configuring application-defined devices Manage Device Bindings What are Application Devices and their association status? View Discovered Devices Manage Other Devices Menu Viewing Discovered Devices Manage Other Devices Menu Creating a new User-Defined Device VCR How do I write a program that uses Dynamic Device DiscoverySDK-Class Types Hvac How do I configure a Run-time installation Accessing an SSL-Enabled Master via an IP Address Security Alert and Certificate popups Certificate Import Wizard Using your NetLinx Master to control the G4 panel WebControl VNC installation and Password entry screens What to do when a Certificate Expires Page User has access to the Icsp communication functionality NetLinx Security FeaturesInitial Setup via a Terminal Connection NetLinx Security Features Communications Accessing the Security configuration options Select to change current security option Security Options Menu Command DescriptionOption 2 Display system security options for NetLinx Master Edit User Menu New password from that point forwardOption 3 Add user Option 4 Edit User Access Rights Menu Access Rights Menu Edit Group Menu Option 5 Delete userOption 6 Show the list of authorized users Option 7 Add Group Path Edit Group menu Delete directory association Option 8 Edit Group Edit Group menu Change Access RightsEdit Group menu Display Access Rights Edit Group menu List directory associations Option 10 Show List of Authorized Groups Option 11 Set Telnet Timeout in secondsOption 12 Display Telnet Timeout in seconds Option 9 Delete Group Main Security Menu CommandMain Security Menu These functions are only visible to administrators. If a When changes are made to the security settingsSelection saved the current security settings into flash Nent, you will be prompted to save the settings at that Help Menu Options CommandDescriptionHelp menu Size via a NetLinx program, the program command Help Security Logging Into a SessionLogout Setup Security Converting Axcess Code to NetLinx Code Master SendCommandsMaster SendCommands ~IGNOREEXTERNAL ClockcommandsG4WC Master IP Local Port SendCommands Master IP Local Port SendCommandsUsing the ID Button DevicePortSystem DPS Configuration Port Commands Device Holdoff Onoff command Holdoff command reveals whether the state is On or OffDisables terminal characters echo display function Enables terminal characters echo display function Extended diagnostic information messages turned on Displays the current LAN configuration settingDisplays the related security commands Master. MSG OFF disables the display Codes section on page 131 for more information ONname,channelONDPS,channel To exit pass mode, type + + esc esc. Refer to the ESC Pass Sets the Master-to-Master route mode Reboots the Master or specified deviceReleases the Dhcp setting for the Master Master must be rebooted to acquire a new Dhcp lease DUETMEMSIZESETint should call Reboot following a set Via a NetLinx program, the program command Enter Y yes to approve/store the information into the Master Subnet Mask, and Gateway IP Address Connection Manager factory default=2000, currently=500 Use caution when adjusting these valuesInterpreter factory default=2000, currently=600 Notification Manager factory default=2000, currently=200 Frequency to be changed or eliminate the broadcast message Entering N no cancels the operation ExamplePrompts you to enter the new time for the Master Master-to-Master systems Example Displays a list of all devices present on the bus Example Each queue ExampleDisplays a list of any combined devices Example Most recent Displays the log of messages stored in the Masters memoryMaster logs all internal messages and keeps the most recent If end is not entered, the last 20 messages will be shown Desired from what device. Note the local system number is Message buffers that were ever present on the queueSee Show Buffers Number is Example Displays the current time on the Master Example Systems listed are in numerical order ExampleLists all active TCP/IP connections Example Escape Pass Codes ESC Pass CodesWindowsTM client programs Linux Telnet client RS232/422/485 Ports Channels LED Disable/Enable SendCommandsRS-232/422/485 SendCommands Ctspsh OFF ChardChardm Ctspsh Tset Baud RxoffRxon SET Baud XON RS-232/422/485 SendString Escape SequencesRS-232/422/485 SendString Escape Sequences Xoff IR / Serial Ports Channels IR/Serial SendCommandsIR/Serial SendCommands IR / Serial Ports Channels Cton Ctof POD GET ModePort 4 IR,CARRIER,IO Link Iroff Meters for the IR Ports PONPtof Pton XCH SET ModeSET IO Link Short cable length 10 feet Xchm SET Input Input/Output SendCommandsSendCommands GET Input For more information Troubleshooting InformationSymptom Solution Refer to the Configuration and Firmware Update section on Refer to the Upgrading the On-board Master Firmware via an LANPage It’s Your World Take Control