Freedom9 IP 100 Switch User Manual


 
freeView IP 100 User’s Manual
connection. If an encrypted connection cannot be made, an error will be reported.
6.5.4 Certificate
Figure 6-29: Certificate Settings
The freeView IP 100 uses the Secure Socket Layer (SSL) protocol for any encrypted network
traffic between itself and a connected client. During the connection establishment, the device has
to expose its identity to a client using a cryptographic certificate. By default, this certificate and
the underlying secret key is the same for all freeView IP 100’s and will not match the network
configuration that will the device is connected to. The certificate's underlying secret key is also
used for securing the SSL handshake. Hence, there is still a potential security risk when using
the default SSL certificate, but it is more secure than no encryption at all.
It is possible to generate and install a new certificate that is unique for a particular freeView IP
100. In order to do this, the freeView IP 100 can generate a new cryptographic key and the
associated Certificate Signing Request (CSR) that needs to be certified by a certification
authority (CA). A certification authority verifies that the device and identity are legitimate and
signs and issues a SSL certificate for the device.
The following steps are necessary to create and install a SSL certificate for the freeView IP 100:
Create an SSL Certificate Signing Request using the panel shown in Figure 6-29. Complete
the fields on the page. The fields are explained below. Once completed, click on the “Create”
63