Nokia IPSO 4.0 manual Generating and Installing SSL/TLS Certificates, 302

Models: IPSO 4.0


Generating and Installing SSL/TLS Certificates

IPSO uses the Secure Sockets Layer/Transport Layer Security (SSL/TLS) protocol to secure connections over the Internet from the Nokia Network Voyager client to the IPSO system. SSL/TLS, the industry standard for secure Web connections, gives you a secure way to connect to Network Voyager. Creating a unique private key for your security platform and keeping it secret is critical to preventing a variety of attacks that could compromise the security of the platform.

When you set up your system for the first time, change your SSL/TLS certificate from the default certificate. IPSO includes a default sample certificate and private key in the /var/etc/voyager_ssl_server.crt and /var/etc/voyager_ssl_server.key files respectively.

The certificate and private key are for testing purposes only and do not provide a secure SSL/TLS connection. You must generate a certificate, and the private key associated with the certificate, to create a secure connection by using SSL/TLS.

Note

For security purposes, generate the certificate and private key over a trusted connection.
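
The following shell functions are an added example, not part of the Nokia manual: they audit the certificate and key at the two paths named above for key size, for whether the private key belongs to the certificate, and for whether the key file is readable only by its owner. The function names are hypothetical; the example assumes an RSA key, an openssl binary on the host where it runs, and a 2048-bit minimum, which is this example's assumption reflecting current guidance rather than a value from the manual.

```shell
#!/bin/sh
# Added example: audit a Voyager SSL/TLS certificate and private key pair.
# Default paths are the ones the manual names; set CERT/KEY to audit copies.
CERT=${CERT:-/var/etc/voyager_ssl_server.crt}
KEY=${KEY:-/var/etc/voyager_ssl_server.key}
MIN_BITS=${MIN_BITS:-2048}   # assumption of this example, not from the manual

# Print the public key size (in bits) recorded in a PEM certificate.
cert_key_bits() {
    openssl x509 -in "$1" -noout -text |
        sed -n 's/.*Public[- ]Key: (\([0-9][0-9]*\) bit).*/\1/p'
}

# Succeed only if the RSA private key in $2 belongs to the certificate in $1.
# A passphrase-protected key makes openssl prompt for the passphrase.
cert_matches_key() {
    c=$(openssl x509 -in "$1" -noout -modulus) || return 2
    k=$(openssl rsa -in "$2" -noout -modulus) || return 2
    [ -n "$c" ] && [ "$c" = "$k" ]
}

# Succeed only if the key file grants no permission to group or other.
key_perms_private() {
    [ "$(ls -ld "$1" | cut -c5-10)" = "------" ]
}

# Run all checks on certificate $1 and key $2; print one line per finding
# and return the number of failed checks (0 means the pair passed).
audit_pair() {
    fails=0
    bits=$(cert_key_bits "$1")
    if [ "${bits:-0}" -lt "$MIN_BITS" ]; then
        echo "WEAK: key is ${bits:-unknown} bits, below $MIN_BITS"
        fails=$((fails + 1))
    fi
    if ! cert_matches_key "$1" "$2"; then
        echo "MISMATCH: private key does not belong to certificate"
        fails=$((fails + 1))
    fi
    if ! key_perms_private "$2"; then
        echo "EXPOSED: $2 is accessible to group or other"
        fails=$((fails + 1))
    fi
    openssl x509 -in "$1" -noout -subject -enddate
    return "$fails"
}

# Audit the configured pair only when invoked with "run".
if [ "${1:-}" = "run" ]; then audit_pair "$CERT" "$KEY"; fi
```

The subject line printed at the end shows the Distinguished Information in the installed certificate, which makes it easy to see whether the certificate in place carries your own organization's details.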

Generating an SSL/TLS Certificate and Keys

To generate a certificate and its associated private key:

1. Click Generate Certificate for SSL under Configuration > Security and Access > Voyager in the tree view.

2. Choose the Private Key Size that is appropriate for your security needs.

The larger the bit size, the more secure the private key. The default and recommended choice is 1024 bits.

3. (Optional) Enter a passphrase in the Enter Passphrase and the Re-enter Passphrase fields.

The passphrase must be at least four characters long. If you use a passphrase, you must enter the phrase later when you install your new key.

4. In the Distinguished Information section, enter identifying information for your system:

a. In the Country Name field, enter the two-letter code of the country in which you are located.

b. In the State or Province Name field, enter the name of your state or province.

c. (Optional) In the Locality (Town) Name field, enter the name of your locality or town.

d. In the Organization Name field, enter the name of your company or organization. If you are requesting a certificate from a certificate authority, the certificate authority may require the official, legal name of your organization.

e. (Optional) In the Organizational Unit Name field, enter the name of your department or unit within your company or organization.

f. In the Common Name (FQDN) field, enter the common name that identifies exactly where the certificate will go. The common name is most commonly the fully qualified


Nokia Network Voyager for IPSO 4.0 Reference Guide
