124 | APC Battery Management System instruction

Battery Management System

USER’S GUIDE

®

Method 3: Use the APC Security Wizard to create a certificate-signing

request to be signed by the root certificate of an external Certificate Authority and to create a server certificate. You use the APC Security Wizard to create a request (a .csr file) to send to a Certificate Authority. The Certificate Authority returns a signed certificate (a .crt file) based on information you submitted in your request. You then use the APC Security Wizard to create a server certificate (a .p15 file) that includes the signature from the root certificate returned by the Certificate Authority. You upload the server certificate to the Management Card in the Battery Management System master controller.

You can also use Method 3 if your company or agency operates its own Certificate Authority. Use the APC Security Wizard in the same way, but use your own Certificate

Authority in place of a commercial Certificate Authority. This method has the following advantages and disadvantages.

•Advantages:

–Before they are transmitted, the user name and password for Management Card access and all data to and from the Management Card are encrypted.

–You have the benefit of authentication by a Certificate Authority that already has a signed root certificate in the certificate cache of the browser. (The CA certificates of commercial Certificate Authorities are distributed as part of the browser software, and a Certificate Authority of your own company or agency has probably already loaded its CA certificate to the browser store of each user’s browser.) Therefore, you do not have to upload a root certificate to the browser of each user who needs access to the Battery Management System.

–The length of the public key (RSA key) that is used for setting up an SSL session is 1024 bits, providing more complex encryption and

124

Image 131

APC Battery Management System manual 124

Contents

Contents Battery Management System Menu Data Logging Web interface Using the APC Security Wizard Alarms Index Introduction Features of the System System capacity Battery Management Capabilities Battery management features Supported network management applications Network Management FeaturesNetwork Connection Access Description Supported Web browsers Getting Started Initial SetupConfiguring TCP/IP settings Useful terms Access priority for logging on Accessing the User InterfacesAccess Procedures Access priorities among the interfaces Web interface Keystrokes Actions Control console interface Battery Management System Snmp interface Account types and access Password-protected Accounts How to recover from a lost password Battery Management System Network interface watchdog mechanism Watchdog FeaturesResetting the network timer General system information Battery ManagementMain Screen Battery Manager III APP The version of the application APP Displaying data and alarms Battery System and Device Manager Menus Web interface Alarm Alarms reported Data causing the alarm Category Select Device Manager Select String Details Control console Web interface example Viewing details on alarms Problem Interpreting alarm detailsCategory Details Diagnostics Charger alarms Management Controller alarms Battery Management System Configuration menu Temperature Configuration Calibration menu A spreadsheet .\doc\en\AP9920MBRegMap xx.xls Select Modbus from the Battery System menuModbus Select Device Manager Reset Charge Current Deviation Benchmark Reset Discharge Voltages Menu options Access Restrictions and Menu OptionsAccess Network Menu TCP/IP Option Settings Battery Management System Battery Management System Battery Management System DNS Ping utility control console FTP Server Telnet/SSH Battery Management System Option Description Telnet SSH Server Configuration Apply ConfigurationKey, and the SSH server is not accessible during that time SSH User Host Key File Console, choose Advanced SSH Configuration and then Host Key Snmp Setting Definition Use the Email option to do the following Syslog Severe is mapped to Critical Informational is mapped to Info Battery Management System Web/SSL Battery Management System Web/SSL Network Configuration Http//171.215.12.1145000 Name and Password settings SSL Server Configuration SSL Server Certificate Advanced SSL Configuration SSL server is not available during that time System can take up to 5 minutes to create this certificate Organization O and Organizational Unit OU The name Parameter Description Battery Management System System Menu Purpose and access Radius Read-Only User User ManagerUsers, device for Device Manager users, and readonly for Radius Primary Server Secret Radius Setting Definition AccessTimeout Primary Server Administrator Device Manager Read-Only User Date & Time Identification Setting Definition Action Definition TCP/IP to DefaultsOTE WIth Boot mode set to Dhcp & Bootp , its default Tools Battery Management System Xmodem Preferences Web interface APC’s Web Site , Testdrive Demo , and APC Monitoring Setting Definition User LinksLinks Web interface About System control console Overview Event-related Menus Menu options Logged events Event Log Accessing the log How to use FTP or SCP to retrieve log files Scp username@hostnameoripaddressdata txt./data.txt Ftpdel event.txt or Ftpdel data.txt Event Log action Actions Option Web interface onlyEnabling and disabling event actions Severity levels of events Related topics Email action NMS identified by the Receiver NMS IP/Domain Name Recipients OptionTrap Receivers Generation Setting Description To AddressEmail Recipients Send via Email Test Email Option Requirements for using Smtp From Address Smtp settingsSetting Description Smtp Server DNS servers Event list access How to Configure Individual EventsOptions to configure individual events Event list format Event mask settings Bit number Action enabled or disabled for the event Settings for Bits 0 to Severity Event mask example Discharge cycle counter Event generation Severity Definition Severity levels defined Code Severity Description Management Card events Battery Management System Battery Management System Battery Management System events Battery Management System Define the Discharge and Charge Data Log intervals Data Logging Web interfaceDescription Configuration Boot Mode See Management Card settings Dhcp & Bootp boot process 103 Management Card settings Dhcp Configuration Settings 105 APC Cookie. Tag 1, Len 4, Data 1APC Cookie Is settingDhcp response options See Dhcp & Bootp boot process Boot Mode Transition. Tag 2, Len 1, Data 1/2 108 109 Security Access Description Security FeaturesPlanning and implementing security features Summary of access methods Snmp Port assignments Changing default user names and passwords immediately User names, passwords, community names Snmp Authentication versus encryption Authentication Secure SHell SSH and Secure CoPy SCP Encryption 116 Secure Sockets Layer SSL 118 Purpose Creating and Installing Digital Certificates Disadvantages Choosing a method for your systemAdvantages 121 122 Disadvantage 124 125 Firewalls Overview Using the APC Security WizardAuthentication 128 Files you create for SSL and SSH security 130 Summary Create a Root Certificate & Server Certificates \Program Files\American Power Conversion\APC Security Wizard Procedure 133 134 135 Scp cert.p15 apc@156.205.6.185\sec\cert.p15 Create a Server Certificate and Signing Request 138 139 Cer or .crt file 141 Create an SSH Host Key 143 Scp cert.p15 apc@156.205.6.185\sec\hostkey.p15 Retrieving and Exporting the .ini file Summary of the procedure Contents of the .ini file Detailed procedures NTPEnable=enabled Ftp put filename.ini Event text Description Event and its error messages Errors generated by overridden values Messages in config.ini Using the Device IP Configuration Wizard System requirements Purpose configure basic TCP/IP settingsPurpose and Requirements Download the wizard Install the Wizard Launch the Wizard Configure the basic TCP/IP settings remotelyUse the Wizard Select Remotely over the network, and click Next Select Locally through the serial port, and click Next Configure or reconfigure the TCP/IP settings locally File Transfers Benefits of upgrading firmware Upgrading FirmwareFirmware defined Obtain the latest firmware version See Firmware files Battery Management System Firmware files Battery Management System Firmware file transfer methods Apchw02aos264.bin Apchw02app260.bin \cd\apc Ftp put apchw02aos264.bin Ftp open 150.250.6.10 AOS module of apchw02aos264.bin 166 167 Code Description Verifying Upgrades and UpdatesLast Transfer Result codes Fault Criteria AlarmsFault Alarm Criteria Fault Situation/Condition Alarm Relay Status LEDs Alarm Relay and LED Operation Management Card TroubleshootingAccess problems Battery Management System Management Card Problem Solution Browsers Query the MIB mconfigTrapReceiverTable OIDs to Snmp issues Battery Management System Management Card Product Information Warranty and ServiceLimited warranty Warranty limitations Obtaining service service contracts Examples of life-support devices Life-Support PolicyGeneral policy Index About menu option Access Bootp Dhcp Facility Syslog setting File transfers 158 Management controller Smtp Snmp Telnet Xmodem APC Worldwide Customer Support Copyright