User`s guide

USER’S GUIDE

AUTOMATIC TRANSFER SWITCH

134

How certificates are used. Most Web browsers, including all browsers

supported by the Automatic Transfer Switch, contain a set of CA root

certificates from all of the commercial Certificate Authorities.

Authentication of the server (in this case, the Automatic Transfer Switch)

occurs each time a connection is made from the browser to the server. The

browser checks to be sure that the server’s certificate is signed by a

Certificate Authority known to the browser. For this authentication to occur:

• Each Automatic Transfer Switch with SSL enabled must have a server

certificate on the Automatic Transfer Switch.

• Any browser that is used to access the Automatic Transfer Switch’s

Web interface must contain the CA root certificate that signed the

server certificate.

If authentication fails, the browser prompts you on whether to continue

despite the fact that it cannot authenticate the server.

If your network does not require the authentication provided by digital

certificates, you can use the default certificate that the Automatic Transfer

Switch generates automatically. The default certificate’s digital signature will

not be recognized by browsers, but a default certificate enables you to use

SSL for the encryption of transmitted user names, passwords, and data. (If

you use the default certificate, the browser prompts you to agree to

unauthenticated access before it logs you on to the Web interface of the

Automatic Transfer Switch.)

How SSH host keys are used. An SSH host key authenticates the identity

of the server (the Automatic Transfer Switch) each time an SSH client

contacts the Automatic Transfer Switch. Each Automatic Transfer Switch

with SSH enabled must have an SSH host key on the Automatic Transfer

Switch itself.