Manualshelf

Installation guide

ManualsBrandsD-Link ManualsComputer equipmentDKVM-IP8
51525354555657585960
54
Force HTTPS
If this option is enabled access to the web front-end is only possible using an HTTPS
connection. The DKVM-IP8 switch will not listen on the HTTP port for incoming connections.
In case you want to create your own SSL certificate that is used to identify the DKVM-IP8
switch refer to the Section called Certificate.
KVM encryption
This option controls the encryption of the RFB protocol. RFB is used by the Remote Console to
transmit both the screen data to the administrator machine and ke yboard and mouse data back
to the host. If set to `Off' no encryption will be used. If set to `Try' the applet tries to make an
encrypted connection. In case connection establishment fails for any reason an unencrypted
connection will be used.
If set to “Force” the applet tries to make an encrypted connection with certificate. An error will be
reported in case connection establishment fails.
6.5.4 Certificate
Figure 6-23. Certificate Settings
The DKVM-IP8 switch uses the Secure Socket Layer (SSL) protocol for any encrypted
network traffic between itself and a connected client. During the connection establishment
the DKVM-IP8 switch has to expose its identity to a client using a cryptographic certificate.
Upon delivery, this certificate and the underlying secret key is the same for all DKVM-IP8
switch ever produced and certainly will not match the network configuration that will be applied to
the DKVM-IP8 switch cards by its user. The certificate's underlying secret key is also used for
securing the SSL handshake. Hence, this is a security risk (but far better than
no encryption at all).
However, it is possible to generate and install a new certificate that is unique for a particular
DKVM-IP8 switch card. In order to do that, the DKVM-IP8 switch is able to generate a new
cryptographic key and the associated Certificate Signing Request (CSR) that needs to be
certified by a certification authority (CA). A certification authority verifies that you are the person
who you claim you are, and signs and issues a SSL certificate to you.
The following steps are necessary to create and install a SSL certificate for the DKVM-IP8
switch: