User`s guide
14-1
14. Setting Up SSL Encryption
This section describes the procedure for setting up a secure connection via an https
web connection to the VMR/NPS.
Note: SSL parameters cannot be defined via the Web Browser Interface. In
order to set up SSL encryption, you must contact the VMR/NPS via the Text
Interface.
There are two different types of https security certificates: "Self Signed" certificates and
"Signed" certificates.
Self Signed certificates can be created by the VMR/NPS, without the need to go to an
outside service, and there is no need to set up your domain name server to recognize
the VMR/NPS. The principal disadvantage of Self Signed certificates, is that when you
access the VMR/NPS command mode via the Web Browser Interface, the browser will
display a message which warns that the connection might be unsafe. Note however,
that even though this message is displayed, communication will still be encrypted, and
the message is merely a warning that the VMR/NPS is not recognized and that you may
not be connecting to the site that you intended.
Signed certificates must be created via an outside security service (e.g., VeriSign
®
,
Thawte™, etc.) and then uploaded to the VMR/NPS unit to verify the user's identity. In
order to use Signed certificates, you must contact an appropriate security service and
set up your domain name server to recognize the name that you will assign to the
VMR/NPS unit (e.g., service.wti.com.) Once a signed certificate has been created and
uploaded to the VMR/NPS, you will then be able to access command mode without
seeing the warning message that is normally displayed for Self Signed certificate
access.
WEB ACCESS: [eth0] IPv4
HTTP:
1. Enable: On
2. Port: 80
HTTPS:
3. Enable: Off
4. Port: 443
SSL Certicates:
5. Common Name:
6. State or Province:
7. Locality:
8. Country:
9. Email Address:
10. Organization Name:
11. Organizational Unit: 15. Export Server Private Key:
12. Create CSR: 16. Import Server Private Key:
13. View CSR: 17. Harden Web Security: On
14. Import CRT: 18. TLS Mode: TLSv1
Enter: #<CR> to change,
<ESC> to return to previous menu ...
Figure 14.1: Web Access Parameters (Text Interface Only)