User`s guide

USER’S GUIDE

AUTOMATIC TRANSFER SWITCH

126

Choosing a method for your system

Using the Secure Socket Layer (SSL) protocol, you can choose any of the

following methods for using digital certificates.

Method 1: Use the auto-generated default certificate. When you

enable SSL, you must reboot the Automatic Transfer Switch. During

rebooting, if no server certificate exists on the Automatic Transfer Switch,

the Automatic Transfer Switch generates a default server certificate that is

self-signed but that you cannot configure.

This method has the following advantages and disadvantages:

• Advantages:

– Before they are transmitted, the user name and password for

Automatic Transfer Switch access and all data to and from the

Automatic Transfer Switch are encrypted.

– You can use this default server certificate to provide encryption-

based security while you are setting up either of the other two digital

certificate options, or you can continue to use it for the benefits of

encryption that SSL provides.

• Disadvantages:

– The Automatic Transfer Switch takes up to 5 minutes to create this

certificate, and the Web interface is not available during that time.

(This delay occurs the first time you log on after you enable SSL.)

– This method does not include the browser-based authentication

provided by a CA certificate (a certificate signed by a Certificate

Authority) as Methods 2 and 3 provide. There is no CA Certificate

cached in the browser. Therefore, whenever you log on to the

Automatic Transfer Switch, the browser generates a security alert,

indicating that a certificate signed by a trusted authority is not

available and asking if you want to proceed.