Chapter 8. Device Management

Private Certificate

When logging in over a secure (SSL) connection, a signed certificate is used to verify that the user is logging in to the intended site. For enhanced security, the Private Certificate section allows you to use your own private encryption key and signed certificate, rather than the default ATEN certificate.

There are two methods for establishing your private certificate: generating a self-signed certificate; and importing a third-party certificate authority (CA) signed certificate.

ŠGenerating a Self-Signed Certificate

If you wish to create your own self-signed certificate, a free utility – openssl.exe – is available for download over the web. See Self-Signed Private Certificates, page 256 for details about using OpenSSL to generate your own private key and SSL certificate.

ŠObtaining a CA Signed SSL Server Certificate

For the greatest security, we recommend using a third party certificate authority (CA) signed certificate. To obtain a third party signed certificate, go to a CA (Certificate Authority) website to apply for an SSL certificate. After the CA sends you the certificate and private encryption key, save them to a convenient location on your computer.

ŠImporting the Private Certificate

To import the private certificate, do the following:

1.Click Browse to the right of Private Key; browse to where your private encryption key file is located; and select it.

2.Click Browse to the right of Certificate; browse to where your certificate file is located; and select it.

3.Click Upload to complete the procedure.

Note: 1. Clicking Restore Default returns the device to using the default ATEN certificate.

2.Both the private encryption key and the signed certificate must be imported at the same time.

170