User manual
Security
mySND User Manual 76
7.6 How to Use Certificates Correctly
The SND Server has its own certificate management. This section
explains how certificates are used and when the use of certificates is
recommended.
What are
Certificates?
Certificates can be used in TCP/IP-based networks to encrypt data
and to authenticate communication partners. Certificates are
electronic messages containing a key (public key) and a signature.
Benefits and
Purpose
The use of certificates allows for various security mechanisms. Use
certificates in the SND Server
• to check the identity of the SND Server in the network; see:
’Configuring EAP-TLS’
Ö85.
• to authenticate the SND Server/client if the access to the
mySND File Browser
and the
mySND Control Center is protected
via HTTPS (SSL/TLS); see: Ö71.
If you use certificates, you should only grant administrator
privileges to administrators to prevent unauthorized persons from
deleting certificates on the SND Server; see: Ö42.
Which Certificates
are available?
Both self-signed certificates and CA certificates can be used with
the SND Server. The following certificates can be distinguished:
• Upon delivery, a certificate (the so-called default certificate) is
stored in the SND Server. It is recommended that you replace the
default certificate by a self-signed certificate or CA certificate as
soon as possible.
• Self-signed certificates have a digital signature that has been
created by the SND Server.
• CA certificates are certificates that have been signed by a
certification authority (CA).
• The authenticity of the CA certificate can be verified by means
of a so-called root certificate issued by the certification