Lantronix SGX 5150 User Guide - Page 106
CSR (Certificate Signing Request), Table 9-39
View all Lantronix SGX 5150 manuals
Add to My Manuals
Save this manual to your list of manuals |
Page 106 highlights
9: Administration Notes: Ensure that the certificate is formatted properly with a valid open and close tag. Ensure that the Private Key is associated to the selected certificate and that it is formatted properly with a valid open and close tag. If the New Certificate field is set to None, the certificate is not supported. 6. Click Submit. CSR (Certificate Signing Request) The SGX 5150 unit uses the Secure Socket Layer (SSL) protocol for any encrypted network traffic between itself and a connected client. During the connection establishment the SGX 5150 unit has to expose its identity to a client using a cryptographic certificate. Upon leaving the factory this certificate and the underlying secret key is the same for all SGX 5150 units and will not match the network configuration where it is installed. The certificate's underlying secret key is also used for securing the SSL handshake. Leaving the default certificate unmodified is all right in most circumstances and is necessary only if the network facility is vulnerable to man-in-the-middle attack. It is possible to generate and install a new base64 encoded x.509 certificate that is unique for a particular SGX 5150 unit. The SGX 5150 unit is able to generate a new cryptographic key and the associated Certificate Signing Request (CSR) that needs to be certified by a certification authority (CA). To create and install an SSL certificate, perform the following steps. 1. Click Administration > SSL > CSR (Certificate Signing Request). The Certificate Signing Request page displays. 2. Modify the following fields: Table 9-39 SSL CSR (Certificate Signing Request) Field Description Country (2 Letter code) Enter the two-letter ISO code (e.g., US for the United States) for the country where the organization is located. State/Province Enter the state or province where the organization is located. Locality (City) Enter the city where the organization is located. Organization Enter the organization name to which the SGX 5150 unit belongs. Organization Unit Enter the department within the organization to which the SGX 5150 unit belongs. Common Name Enter the network name of the SGX 5150 unit once it is installed in the user's network (usually the fully qualified domain name). It is identical to the name that is used to access the SGX 5150 unit with a web browser without the prefix http:// . In case the name given here and the actual network name differ, the browser will pop up a security warning when the SGX 5150 unit is accessed using HTTPS. Key length Select the key length: 2048 or 4096. 3. Click Submit to initiate the Certificate Signing Request generation. After a few moments, the CSR file created will appear. 4. Click the CSR file to download it if desired. SGX 5150 IoT Device Gateway User Guide 106