Manuals / Brands / Computer Equipment / Network Router / HP / Computer Equipment / Network Router

HP Client Bridge M111 Default installed private key/public key certificate chains, Certificate usage, Browse, Install, Service:, wireless.colubris.com:, Number of associated CAs:

1 88

Download 88 pages, 1.23 Mb

Working with the M111

Managing certificates

1.Specify the name of the certificate file or select Browse to choose one from a list. Certificates must be in PKCS #7 format.

2.Specify the PKCS #12 password.

3.Select Install to install the certificate.

Default installed private key/public key certificate chains

Note

The following private key/public key certificate chains are installed by default:

wireless.colubris.com: Default certificate used by the management tool.

When a web browser connects to the M111 using SSL, the M111 sends only its own SSL certificate to the browser. This means that if the certificate has been signed by an intermediate certificate authority, and if the web browser only knows about the root certificate authority that signed the public key certificate of the intermediate certificate authority, the web browser does not get the whole certificate chain it needs to validate the identity of the M111. Consequently, the web browser issues security warnings.

To avoid this problem, install an SSL certificate on the M111 only if it is directly signed by the root certificate authority or if you have appended all certificates that make up the chain.

Consequently, the web browser issues security warnings.

To avoid this problem, make sure that you install the entire certificate chain when you install a new certificate on the M111.

Note	An SNMP notification is generated when the M111’s SSL certificate is about to expire.

Certificate usage

To see the services that are associated with each certificate, select Security > Certificate usage. With the factory default certificates installed, the page will look like this:

Service: Name of the service that is using the certificate. To view detailed information on the certificate select the service name.

Authenticate to peer using: Name of the certificate and private key. The M111 is able to prove that it has the private key corresponding to the public key in the certificate. This is what establishes the M111 as a legitimate user of the certificate.

Number of associated CAs: Number of CA certificates used by the service.

3-42

Contents

Page Page HP ProCurve M111 Client Bridge Publication Number Applicable Products Trademark Credits Disclaimer Warranty 1 Introduction 2 Getting started 3 Working with the M111 Page Page A Regulatory information BResetting to factory defaults Page Introduction About this guide Warnings and cautions Commands and program listings Introducing the M111 Client Bridge Safety information Professional Installation Required Servicing HP ProCurve Networking support Before contacting support Online documentation Getting started Deploying the M111 Scenario 1: Connecting wired devices to a wireless network Note A. Configure your computer 192.168.1.1 C. Start the M111 D. Connect to the management tool and login https://192.168.1.1 admin Username Save About passwords Wireless Base MAC Home https://192.168.5.11 F.Configure a station profile General Enabled Profile name: WLAN name (SSID): AP’s MAC address: Scenario 2: Connecting a wired device using MAC address cloning G. Configure MAC cloning options Wireless > Bridging Ethernet MAC cloning Discovered MAC address Management tool (TCP port 443) H. Connect the wired device to the M111 Scenario 3: Connecting a serial device to a wireless network G. Configure the serial connection 2.Select Network > TCP Serial. The TCP to serial configuration page opens TCP connection Mode Serial port State TCP connection status Page Working with the M111 Page Management tool Manager and Operator accounts Passwords Security policies Web server Auto-refresh IP address configuration To configure IP addressing 1. Select Network > Ports Bridge port Assign IP address via Configure Radio configuration Wireless mode Restrict channels to Antenna selection Fast roaming threshold Fast roaming delta threshold Fast roaming threshold count Minimum SNR threshold Scan channel delay Fast scan channel delay Roaming persistence Using station profiles to establish a wireless link Active scanning enabled Priority General Profile name WLAN name (SSID) AP's MAC address Active scanning Wireless security Wireless protection Key source TLS: Security > 802.1X certificates TTLS: FAST: Validate server certificate: Viewing APs in the neighborhood Field descriptions Configuring Quality of Service (QoS) Priority mechanisms Very-high,high, normal, low priority Differentiated Services (DiffServ) TOS IP QoS Disabled Upstream DiffServ tagging Settings Connecting serial devices one Serial port connector To connect a serial device 2. Select Network > TCP serial. The TCP to serial configuration page opens TCP to serial configuration TCP connection Client: Remote IP address TCP port Server: Port control Drop wireless link when port 1 is connected TCP connection status DNS configuration DNS servers Dynamically assigned DNS servers Override dynamically assigned DNS servers DNS advanced settings DNS cache Handling unsupported traffic Cloning the address of a wired device Limitations Enabling Ethernet MAC cloning Discovered MAC address: Wireless access to the M111 when MAC cloning is active Setting up management traffic interception Management tool (TCP port 443) SNMP agent (UDP port 161) SNMP notifications (UDP port 162) Remote log (UDP port 514) Using filters to restrict wireless traffic Assigning a management address SNMP Attributes v1/v2c communities v3 users Notification receivers Host Managing certificates 802.1X — Install TLS client certificate Certificate file Password 802.1X — Manage TLS client certificates 802.1X — Trusted CA certificates Install 802.1X — Manage CA certificates Certificate Trusted CA certificate store Installing a new CA certificate CA certificate import formats Certificate and private key store Installing a new private key/public key certificate chain pair Default installed private key/public key certificate chains Changing the certificate assigned to a service About certificate warnings Configuration file management Backup configuration Reset configuration Restore configuration Software updates Performing an immediate software update select Install Performing a scheduled update 1.Enable Scheduled install Day of week Page Regulatory information Manufacturer's FCC Declaration of Conformity Statement Warning Exposure to Radio Frequency Radiation Countries of Operation & Conditions of Use Operation Using 5 GHz Channels in the European Community Disposal of Waste Equipment by Users in Private Household in the European Union DGT LPD (Low Power Device) Statement Resetting to factory defaults How it works