®
USER’S GUIDE
Switched Rack PDU
131
Method 3: Use the APC Security Wizard to create a certificate-signing
request to be signed by the root certificate of an external Certificate
Authority and to create a server certificate.
Use the APC Security
Wizard to create a request (a .csr file) to send to a Certificate Authority. The
Certificate Authority returns a signed certificate (a .crt file) based on
information you submitted in your request. You then use the APC Security
Wizard to create a server certificate (a .p15 file) that includes the signature
from the root certificate returned by the Certificate Authority. Upload the
server certificate to the Rack PDU.
This method has the following advantages and disadvantages.
• Advantages:
– Before they are transmitted, the user name and password for Rack
PDU access and all data to and from the Rack PDU are encrypted.
– You have the benefit of authentication by a Certificate Authority that
already has a signed root certificate in the certificate cache of the
browser. (The CA certificates of commercial Certificate Authorities
are distributed as part of the browser software, and a Certificate
Authority of your own company or agency has probably already
loaded its CA certificate to the browser store of each user’s
browser.) Therefore, you do not have to upload a root certificate to
the browser of each user who needs access to the Rack PDU.
– The length of the public key (RSA key) that is used for setting up an
SSL session is 1024 bits, providing more complex encryption and
consequently a higher level of security than the public key used in
Method 1. (This longer encryption key is also used in Method 2.)
You can also use Method 3 if your company or agency operates
its own Certificate Authority, Use the APC Security Wizard in the
same way, but use your own Certificate Authority in place of a
commercial Certificate Authority.