Installation guide
Creating and Installing Certificates
Acano solution: Deployment Guide R1.2 76-1006-06-K
Page 20
Note: The Web Bridge supports HTTPS only.
3. Upload the certificate file to the MMP via SFTP.
3.6 Adding the Call Bridge Certificate to the Web Bridge Trust
Store
The Web Bridge allows configuration of guest logins and image customizations to be pushed
from a Call Bridge (see Appendix K). It is important for the security of the deployment that
configuration is only accepted from call bridges which are trusted.
Trust between Call Bridge and Web Bridge is established by providing the Web Bridge with the
public certificate of the Call Bridge. The Web Bridge can use this to challenge the Call Bridge to
prove that it is the owner of the certificate by cryptographic means. Technically, client certificate
authentication in TLS is used. If the Call Bridge cannot prove that it is the owner of one of the
trusted certificates, the Web Bridge will not accept configuration.
With 1.1.0 or later, add the Call Bridge certificate to the Web Bridge trust store as shown below:
3.6.1 Single server example
For a single server deployment, find out which certificate Call Bridge is using by issuing the
callbridge command; then add the certificate to the trust store using the new webbridge
trust <callbridge_cert|certificate bundle> command.
acano>callbridge
Listening interfaces : a
Key file : callbridge.key
Certificate file : callbridge.cer
acano>webbridge disable
acano>webbridge trust callbridge.cer
acano>webbridge enable
SUCCESS: Key and certificate pair match
SUCCESS: Webbridge enabled