Trusted Certificates
Overview
When you try to log in to the device from your browser, a Security Alert message appears to inform you that the device's certificate is not trusted, and asks if you want to proceed.
The certificate can be trusted, but the alert is triggered because the certificate's name is not found on the Microsoft list of Trusted Authorities. You have two options. You can ignore the warning and click Yes to go on or you can install the certificate and have it be recognized as trusted.
If you are working on a client computer at another location, accept the certificate for just this session by clicking Yes.
If you are working at your own client computer, install the certificate on your client computer. After the certificate is installed, it will be recognized as trusted.
Installing the Certificate
1.In the Security Alert dialog box, click View Certificate to open the Certificate Information dialog box.
Note: There is a red and white X logo over the certificate to indicate that it is not trusted.
2.Click Install Certificate.
3.Follow the Installation Wizard to complete the installation. Unless you have a specific reason to choose otherwise, accept the default options.
4.When the Wizard presents a caution screen, click Yes.
5.Click Finish to complete the installation, then click OK to close the dialog box
Certificate Trusted. Click View Certificate, to see that the red and white X logo is no longer present.
Mismatch Considerations. If the site name or IP address used for generating the certificate no longer matches the current address of the switch a mismatch warning opens. Click Yes to go on, or disable mismatch checking. To disable mismatch checking:
1.After the page you are logging in to comes up, open the browser's Tools menu. Select Internet Options > Advanced.
2.Scroll to the bottom of the list and uncheck Warn about trusted certificates.
3.Click OK. The next time the browser is opened, the change will be in effect.
Self-Signed Private Certificates
To create your private key and certificate:
1.To create a self signed certificate, you will first need to create a Certificate Signing Request (CSR). See “Certificate Signing Request” on page 79 for details.
2.Downloaded openssl.exe and save it to \OpenSSL\bin on your hard drive.
–Create the SSL certificate using OpenSSL. OpenSSL 1.0.0d was tested and is available from http://www.openssl.org for Unix based systems. A Windows based version is located at the following website: http://www.openssl.org/related/binaries.html. No other programs l work for creating SSL certificates for the KVM Switches.
112 | KVM Switch KVM2132P, KVM2116P, KVM1116P User Manual |
