Manualshelf

User's Manual

ManualsBrands7signal ManualsElectronics7Signal Sapphire
31323334353637383940
11 Creation And Use Of Encryption Keys 31
7signal Ltd, Panuntie 6, FI-00620 HELSINKI, FINLAND, +358 40 777 7611, info@7signal.com, www.7signal.com
7signal Sapphire Carat Carat User Guide Release 3.1
11.2 Adding Encryption Keys (PSK)
11.2.1 Passphrase and pre-shared key
Pre-shared key authentication is sometimes called passphrase authentication. Standard
configuration interfaces allow user to type passphrase (that is converted to PSK) and
proprietary interfaces can allow direct entry of PSK.
WPA and WPA2 are both vulnerable to brute force attacks if you use weak PSK.
The user may enter either a PSK or a passphrase when creating WPA1/2 PSK.
11.2.2 Adding
Add a key by following the instructions below:
1. From the top menu bar, select “Manage | Network Keys” – the available key types and
existing keys are displayed in a hierarchical structure in the left pane
2. Right-click the key type you want to create and select “Add key”
3. Enter a name for the key
4. Enter the data required by the key type
a. There are significant differences in the data required for different key types
b. When “Show input” is checked, the user interface displays the passwords in
plain-text.
5. Save the key by clicking “Save”
After a key has been created, it should be attached to a wireless network.
1. From the top menu bar, select “View | Network topology
2. In the Network topology, select the network to which you want to add the encryption
key and right-click
3. Select “Add Key”
4. Select a suitable encryption key for the network from the pull-down menu
5. Click “Save”
11.3 On Certificate-Based Encryption
There are input fields for the “CA certificate” and “Client certificate”. It is recommended that
both certificates are added. If one certificate file contains all the information, it should be used
in both of the input fields.
The certificate container is expected to be accessible by the Carat GUI client in the local or
shared file system of the host machine. Accepted formats are the following:
CA certificate PEM, DER, PKCS12 (aka PFX)