11 - 36
Certificates
Note: Refer to the Security Primer (available on the Honeywell web site) to prepare the Authentication Server and Access Point
for communication.
Note: It is important that all dates are correct on the MX7 Tecton and host computers when using any type of certificate.
Certificates are date sensitive and if the date is not correct authentication will fail.
Root Certificates are necessary for EAP-TLS, PEAP/GTC and PEAP/MSCHAP.
1. See Generating a Root CA Certificate (page 11-36) and download it to a PC.
2. Connect the MX7 Tecton to the desktop PC using ActiveSync and copy the certificate to the MX7 Tecton \System folder.
3. See Installing a Root CA Certificate (page 11-39) and install the Root CA Certificate.
User Certificates are necessary for EAP-TLS.
1. See Generating a User Certificate (page 11-39) and download it to a PC.
2. Install the User Certificate on the PC.
3. See Exporting a User Certificate (page 11-42) and export the User Certificate as a .PFX file.
4. Connect the MX7 Tecton to the desktop PC using ActiveSync and copy the certificate to the MX7 Tecton \System folder.
5. See Installing a User Certificate (page 11-43) and install the User Certificate.
6. After installation, perform a Suspend/Resume.
7. Verify Installation (page 11-43).
Generating a Root CA Certificate
Note: It is important that all dates are correct on the MX7 Tecton and host computers when using any type of certificate.
Certificates are date sensitive and if the date is not correct authentication will fail.
The easiest way to get the root CA certificate is to use a browser on a PC to navigate to the Certificate Authority.
1. To request the root CA certificate, open a browser to http://<CA IP address>/certsrv.
2. Sign into the CA with any valid username and password.