Intermec PM4i Time Clock User Manual


 
EasyLAN Wireless Interface Kit Installation Instructions 29
Chapter 4 — Setup in Fingerprint
Two Common names (TTLS and PEAP only): Two different
common names may be configured. If both are empty, the supplicant
will accept certificates regardless of the server certificate’s common
name. If the first common name is configured, the common name
(CN) of the server’s certificate must match the first common name.
If both common names are configured, the server’s certificate must
match one of them. e default is “” (accepts any common name).
Validate server certificate (TTLS and PEAP only): Verifies that the
installed CA certificate is the root of the server certificate. e default
is ON.
Note: Adverse effects on validation can occur if a real-time
clock (RTC) is not installed. Without an RTC, the current
time cannot be reliably read and validation does not take into
account the current date. Validation may still occur, but less
reliably than with an RTC.
For all 802.1x parameters, string length is limited to 96 characters.
For all parameters applicable to TTLS or PEAP: Selecting another EAP-
type disables these parameters, but does not erase their settings.
Using Certificates
When an overriding certificate is installed, it is converted to DER format
and copied to a specific location (/c/ADMIN/root.cer) so that accidental
removal is unlikely. You do not need to keep additional copies of the
certificate on the printer after you install the certificate.
Some certificate formats (notably PKCS #12) encrypt data using a pass
phrase. To import certificates that include anything other than an empty
pass phrase, the pass phrase is given in the same string as the path to the
certificate file. e pass phrase is never stored on the printer and is used
only once to convert the public key to a non-encrypted format.
To reinstall the default root CA certificate, install /rom/intermec.cer, or
remove the /c/ADMIN/root.cer file.