Support User Manuals

Western Telematic AFS-16-1 Switch User Manual

Open as PDF

of 135

14-3

Setting Up SSL Encryption

4. After you have defined parameters 5 through 11, type 12 and press [Enter] (Create

CSR) to create a Certificate Signing Request. By default, this will overwrite any

existing certificate, and create a new Self Signed certificate.

a) The AFS-16 will prompt you to create a password. Key in the desired

password (up to 16 characters) and then press [Enter]. When the AFS-16

prompts you to verify the password, key it again and then press [Enter] once.

After a brief pause, the AFS-16 will return to the Web Access Menu, indicating

that the CSR has been successfully created.

b) When the Web Access Menu is re-displayed, press [Esc] several times until

you exit from the Network Parameters menu and the "Saving Configuration"

message is displayed.

5. After the new configuration has been saved, test the Self Signed certificate by

accessing the AFS-16 via the Web Interface, using an HTTPS connection.

a) Before the connection is established, the AFS-16 should display the warning

message described previously. This indicates that the Self Signed certificate

has been successfully created and saved.

b) Click on the "Yes" button to proceed. The AFS-16 will prompt you to enter

a user name and password. After keying in your password, the main menu

should be displayed, indicating that you have successfully accessed command

mode.

14.2. Creating a Signed Certificate

To create a Signed certificate, and eliminate the warning message, first set up your

domain name server to recognize the Common Name (item 5) that you will assign to

the unit. Next, complete steps one through five as described in Section 14.1 and then

proceed as follows:

1. CapturetheNewlyCreatedCertificate: Type 13 and press [Enter] (View CSR).

The AFS-16 will prompt you to configure your communications (Telnet) program to

receive the certificate. Set up your communications program to receive a binary

file, and then press [Enter] to capture the file and save it. This is the Code Signing

Request that you will send to the outside security service (e.g., VeriSign, Thawte,

etc.) in order to have them sign and activate the certificate.

2. ObtaintheSignedCertificate: Send the captured certificate to the outside

security service. Refer to the security service's web page for further instructions.

previous next