USER GUIDE

Figure 34 Security Settings

SSL settings

Force HTTPS - Access the Web front-end only using an HTTPS connection. DX User IP won't listen on the HTTP port for incoming connections.

KVM encryption - Controls the encrypting of the RFB protocol, used by the Remote Console to transmit the screen data to the administrator machine and keyboard and mouse data back to the host.

Off - No encryption used.

Try - Tries to make an encrypted connection. If unsuccessful, an unencrypted connection is used.

Force - Makes an encrypted connection.

SSL Certificate Management

DX User IP uses the SSL (Secure Socket Layer) protocol for any encrypted network traffic between itself and a connected client. When connecting, DX User IP reveals its identity to a client using a cryptographic certificate. This is the same for all DX User IPs and won't match the network configurations applied to the card by its user. The certificate's underlying secret key is also used for securing the SSL handshake. Hence, this is a security risk (but better than no encryption at all).

You can generate and install a new certificate unique to a particular card. DX User IP can generate a new cryptographic key and the associated Certificate Signing Request that needs to be certified by a certification authority (CA). A CA verifies you are who you claim to be and signs and issues a SSL certificate to you.

42

Page 43
Image 43
Minicom Advanced Systems DX User IP manual SSL settings, SSL Certificate Management