General steps for a self-signed certificate – Allied Telesis AT-S63 User Manual

Page 595

Advertising
background image

AT-S63 Management Software Menus Interface User’s Guide

Section IX: Management Security

595

General Steps for Configuring the Web Server for Encryption

There are several procedures you need to perform in order to implement
HTTPS and web browser encryption on the switch. This section is here to
provide you with the general steps you need to do and the procedures for
performing them. There is a section for configuring the web server with a
self-signed certificate and another for a public or private CA certificate.

General Steps for

a Self-signed

Certificate

Below are the general steps for setting up the web server with a self-
signed certificate.

1. Set the switch’s date and time. You must do this before you create a

certificate because the date and time are stamped in the digital
document. For instructions, refer to “Setting the System Time” on
page 38.

2. Create a public and private key pair, as explained in “Creating an

Encryption Key” on page 598.

3. Create a self-signed certificate using the key pair, as explained in

“Creating a Self-signed Certificate” on page 614.

4. Add the certificate to the certificate database, as explained in “Adding

a Certificate to the Database” on page 618.

5. Configure the web server on the switch by activating HTTPS and

specifying the key pair used to create the certificate as the active key.
This step is explained in “Configuring the Web Server” on page 592.

General Steps for

a Public or

Private CA

Certificate

Below are the steps for setting up the web server with a public or private
CA certificate. This requires generating an enrollment request.

1. Set the switch’s date and time. You must do this before you create the

enrollment request. The date and time at stamped in the request. The
instructions for this are in “Setting the System Time” on page 38.

2. Create a public and private key pair, as explained in “Creating an

Encryption Key” on page 598.

3. Generate an enrollment request, as explained in “Generating an

Enrollment Request” on page 629.

4. Upload the enrollment request from the switch’s file system onto your

management station or a TFTP server, as explained in “Uploading a
System File” on page 196.

5. Submit the enrollment request to the public or private CA.

Advertising
Popular Brands
Popular manuals