Schneider Electric KVM2132P Switch User Manual


 
113KVM Switch KVM2132P, KVM2116P, KVM1116P User Manual
3. Save the CSR from the KVM. (Save the csr.cer into the OpenSSL installation folder
\OpenSSL\bin)
4. Move the directory "demoCA" into "bin" within the OpenSSL installation directory and add
directory "newcerts" in"demoCA"
5. Under the command prompt window, change the directory to \OpenSSL\bin and execute the
following commands in the command prompt:
a. openssl req -new -newkey rsa:1024 -days 3365 -nodes -x509 -keyout ca.key -out ca.cer
b. openssl.exe ca -policy policy_anything -config openssl.cfg -cert ca.cer -in csr.cer -keyfile
ca.key -days 360 -out new.cer
Note: 1. Commands should be entered all on one line. (Do not press [
ENTER] until all the
parameters have been entered).
2. If there are spaces in the input, surround the entry in quotes. Example: (apc by schneider-
electric).
To avoid having to input information during key generation the following additional parameters can be
used: /C /ST /L /O /OU /CN /emailAddress.
Importing the Files. After the openssl.exe program completes, two files, CA.key (the private key) and
CA.cer (the self-signed SSL certificate), are created in the directory. These are the files that you upload
in the Private Certificate panel of the Security page (see “Security” on page 75, and “Private Certificate”
on page 78).
If you encounter "Failed to update database, TXT_DB error number 2," you will need to edit a text file in
the OpenSSL program directory before continuing. The file "index.txt.attr" in the "demoCA" directory
will be generated after you run command "b" from step 4 above for the first time. Please edit it to
"unique_subject = no". The error should be solved. You should be able to run command "b" over and
over again with the certificate logged in "index.txt" for the same subject.
In order to upload the self signed certificate to the KVM switch, login to the KVM Switch and navigate
to Device Management->Security->Private Certificate section and click "Browse" next to private key.
Browse to the OpenSSL program directory and within the "bin" folder, choose "ca.key." Click "Browse"
next to Certificate and find "ca.cer." Press Open and then Upload. You should receive a message saying
Operation Succeeded.
Parameter Definition Max characters Example
/C Country: 2 US
/ST State or Province 32 Missouri
/L Locality 32 St. Louis
/O Organization: 64 Your Company, Ltd.
/OU Unit: 32 Techdoc Department
/CN Common Name: 32 mycompany.com
Note: This must be the exact domain name of the site that
you want the certificate to be valid for. If the site's domain
name is www.mycompany.com, and you only specify
mycompany.com, the certificate will not be valid.
/emailAddress Email Address: 64 administrator@yourcompany.com