Files you create for ssl and ssh security, Addendum, Networka ir acpa4000 – American Power Conversion AIRACPA4000 User Manual

®

®

®

®

ADDENDUM

NetworkA

IR ACPA4000

27

Files you create for SSL and SSH security

Use the APC Security Wizard to create the following components of an SSL
and SSH security system:

• The server certificate for the Network Management Card, if you want

the benefits of authentication that such a certificate provides.You can
create either of the following types of server certificate:

– A server certificate signed by a custom CA root certificate also

created with the APC Security Wizard. Use this method if your
company or agency does not have its own Certificate Authority and
you do not want to use an external Certificate Authority to sign the
server certificate.

– A server certificate signed by an external Certificate Authority. This

Certificate Authority can be one that is managed by your own
company or agency or can be one of the commercial Certificate
Authorities whose CA root certificates are distributed as part of a
browser’s software.

• A certificate signing request containing all the information required for

a server certificate except the digital signature. You need this request if
you are using an external Certificate Authority.

• A CA root certificate.

• An SSH host key that your SSH client program uses to authenticate

the Network Management Card when you log on to the control console
interface.

All public keys for SSL certificates and all host keys for SSH
that are created with the APC Security Wizard are 1024-bit
RSA keys. If you do not create and use SSL server
certificates and SSH host keys with the APC Security
Wizard, the Network Management Card generates 768-bit
RSA keys.