User Manual
Table Of Contents
- PremierWave EN User Guide
- 1: Using This Guide
- 2: Introduction
- 3: Using DeviceInstaller
- 4: Network Settings
- 5: Line and Tunnel Settings
- 6: Configurable Pin Manager
- 7: Services Settings
- 8: Security Settings
- 9: Maintenance and Diagnostics Settings
- 10: Advanced Settings
- 11: Tunneling
- 12: Security in Detail
- 13: Updating Firmware
- A: Technical Support
- B: Binary to Hexadecimal Conversions
- C: Compliance
- D: Warranty
- E: USB-CDC-ACM Device Driver File for Windows Hosts
- Index
PremierWave EN User Guide 41
8: Security Settings
SSL Settings
Secure Sockets Layer (SSL) is a protocol for managing the security of data transmission over
the Internet. It provides encryption, authentication, and message integrity services. SSL is
widely used for secure communication to a web server, and also for wireless authentication.
Certificate/Private key combinations can be obtained from an external Certificate Authority
(CA) and uploaded into the unit. Self-signed certificates with associated private key can be
generated by the device server itself.
For more information regarding certificates and how to obtain them, see Chapter 12: Security
in Detail.
Certificate Upload Settings
SSL certificates identify the PremierWave EN to peers, and can be used with some methods
of wireless authentication. Additional uses will be possible in future releases Certificate and
key pairs can be uploaded to the PremierWave through either the CLI or XML import
mechanisms. Certificates can be identified on the PremierWave by a name provided at
upload time.
Table 8-1 Certificate Upload Settings
Certificate
Upload Settings
Description
Certificate
SSL certificate to be uploaded..
RSA or DSA certificates are allowed.
The format of the certificate must be PEM. It must start with “-----BEGIN
CERTIFICATE-----“ and end with “-----END CERTIFICATE-----“. Some
Certificate Authorities add comments before and/or after these lines. Those
need to be deleted before upload.
Private Key
The key needs to belong to the certificate entered above.
The format of the file must be PEM. It must start with “-----BEGIN RSA
PRIVATE KEY-----” and end with “-----END RSA PRIVATE KEY-----”. Read
DSA instead of RSA in case of a DSA key. Some Certificate Authorities add
comments before and/or after these lines. Those need to be deleted before
upload.
Table 8-2 Using the CLI to Upload an Existing SSL Certificate/Key Pair
Command level
enable>ssl
Commands
rsa <cert_name>
dsa <cert_name>
Table 8-3 Using XML to Upload an Existing SSL Certificate/Key Pair
Configuration group name
ssl
Configuration item name
RSA certificate or DSA certificate