_____________________________________________________________________
B096-016 B096-048 and B092-016 User Manual Page 191
You will be prompted to enter a lot of information. Most of it doesn't matter, but the "Common
Name" should be the domain name of your computer (e.g. test.tripplite.com). When you have
entered everything, the certificate will be created in a file called ssl_cert.pem.
3. Installing the key and certificate
The recommended method for copying files securely to the Console Server unit is with an SCP
(Secure Copying Protocol) client. The scp utility is distributed with OpenSSH for most Unices,
while Windows users can use something like the PSCP command line utility available with
PuTTY.
The files created in steps 1 and 2 can be installed remotely with the scp utility as follows:
scp ssl_key.pem root@<address of unit>:/etc/config/
scp ssl_cert.pem root@<address of unit>:/etc/config/
or using PSCP:
pscp -scp ssl_key.pem root@<address of unit>:/etc/config/
pscp -scp ssl_cert.pem root@<address of unit>:/etc/config/
PuTTY and the PSCP utility can be downloaded from
http://www.chiark.greenend.org.uk/~sgtatham/putty/download.html
More detailed documentation on the PSCP can be found:
http://the.earth.li/~sgtatham/putty/0.58/htmldoc/Chapter5.html#pscp
4. Launching the HTTPS Server
Note that the easiest way to enable the HTTPS server is from the Management Console. Simply
click the appropriate checkbox in Network -> Services -> HTTPS Server and the HTTPS server
will be activated (assuming the ssl_key.pem & ssl_cert.pem files exist in the /etc/config
directory).
Alternatively, inetd can be configured to launch the secure fnord server from the command line
of the unit as follows.
Edit the inetd configuration file. From the unit command line:
vi /etc/config/inetd.conf
Append a line: