Manualshelf

User's Guide

ManualsBrands7signal ManualsElectronicsSapphire
31323334353637383940
11 Creation And Use Of Encryption Keys 30
7signal Ltd, Panuntie 6, FI-00620 HELSINKI, FINLAND, +358 40 777 7611, info@7signal.com, www.7signal.com
7signal Sapphire Carat Carat User Guide Release 3.0
6.
After a key has been created, it can and should be attached to a wireless network.
1. From the top menu bar, select “View | Network topology
2. In the Network topology, select the network to which you want to add the encryption
key and right-click
3. Select “Edit”
4. Enter a contact person
5. Select a suitable encryption key for the network from the pull-down menu
6. Click “Save”
11.4 On Certificate-Based Encryption
There are input fields for the “CA certificate” andClient certificate”. It is recommended that
both certificates are added. If one certificate file contains all the information, it should be used
in both of the input fields. However, it is not mandatory to use certificate files if the certificate
or encryption system if the implementation is based on username/password.
The certificate container is expected to be accessible by the Carat GUI client in the local or
shared file system of the host machine. Accepted formats are the following:
CA certificate PEM, DER, PKCS12 (aka PFX)
Private key PKCS12 (aka PFX)
As a corollary, a single PKCS12 formatted file that contains the CA certificate as well as the
private key, can be used in both of the cases.
If conversions are required to achieve these formats, please consult Your Certificate Authority.
In Linux and Unix environments OpenSSL is commonplace tool and can handle the conversions
required.
TIP: Microsoft environments have certificate files with file extension CER. The file
content format typically is DER. To turn DER files into PEM, please use the
command below:
openssl x509 informat DER in <yours>.cer outformat PEM out <target>.pem
Windows environments have extension “PFX” to mark a typical certificate container file type.
This format is exactly PKCS12 format that typically has “p12” extension in Linux/Unix world.
7signal Sapphire does not care about the extension but the internal format of the file.