Chapter 9: Authentication

9.3 SSL Certificate

The console server uses the Secure Socket Layer (SSL) protocol for encrypted network traffic between itself and a connected user. When establishing the connection, the console server has to expose its identity to the user’s browser using a cryptographic certificate. The default certificate that comes with the console server device upon delivery is for testing purposes only.

The System Administrator should not rely on the default certificate as the secured global access mechanism for use through Internet.

Activate your preferred browser and enter https:// IP address. Your browser may respond with a message that verifies the security certificate is valid but notes that it is not necessarily verified by a certifying authority. To proceed, you need to click yes if you are using Internet Explorer or select accept this certificate permanently (or temporarily) if you are using Mozilla Firefox.

You will then be prompted for the Administrator account and password as normal.

We recommend that you generate and install a new base64 X.509 certificate that is unique for a particular console server.

To do this, the console server must be enabled to generate a new cryptographic key and the associated Certificate Signing Request (CSR) that needs to be certified by a Certification Authority (CA). A certification authority verifies that you are the person who you claim you are, and signs and issues a SSL certificate to you. To create and install a SSL certificate for the console server:

Figure 9-5. SSL certificates screen.

724-746-5500 blackbox.com

91

Page 91
Image 91
Black Box 1102, Secure Device Servers, 1101 manual SSL Certificate, SSL certificates screen