User guide
Table Of Contents
26
3-4.4 Certicate
The IP module uses the Secure Socket Layer (SSL) protocol for any encrypted network trafc between itself
and a connected client. During the connection establishment the IP module has to expose its identity to a
client using a cryptographic certicate. The default certicate comes with IP MODULE device upon delivery
is for testing purpose only. System administrator should not rely on this default certicate as the secured
global access mechanism through Internet.
However, it is possible to generate and install a new base64 X.509 certicate that is unique for a particular
IP module. In order to do that, the IP module is able to generate a new cryptographic key and the
associated Certicate Signing Request (CSR) that needs to be certied by a certication authority (CA). A
certication authority veries that you are the person who you claim you are, and signs and issues a SSL
certicate to you.
The following steps are necessary to create and install a SSL certicate for the IP
module:
■ Create a SSL Certicate Signing Request using the panel shown below. You need to ll out a number
of elds that are explained below. Once this is done, click on the button “Create” which will initiate the
Certicate Signing Request generation. The CSR can be downloaded to your administration machine
with the “Download CSR” button.
■ Send the saved CSR string to a CA for certication. You will get the new certicate from the CA after a
more or less complicated traditional authentication process (depending on the CA).
■ Upload the certicate to the IP module using the “Upload” button as shown below.