Create a root certificate & server certificates, Summary, Addendum – American Power Conversion AIRACPA4000 User Manual

®

®

®

®

ADDENDUM

NetworkA

IR ACPA4000

29

Create a Root Certificate & Server Certificates

Summary

Use this procedure if your company or agency does not have its own
Certificate Authority and you do not want to use a commercial
Certificate Authority to sign your server certificates.

• Create a CA root certificate that will be used to sign all server

certificates to be used with Network Management Cards. During this
task, two files are created.

– The file with the

.p15

extension is an encrypted file which contains

the Certificate Authority’s private key and public root certificate. This
file signs the server certificates.

– The file with the

.crt

extension, which contains only the Certificate

Authority’s public root certificate. You load this file into each Web
browser that will be used to access the Network Management Card
so that the browser can validate the server certificate of the Network
Management Card.

• Create a server certificate, which is stored in a file with a .

p15

extension. During this task, you are prompted for the CA root certificate
that signs the server certificate.

• Load the server certificate onto the Network Management Card.

• For each Network Management Card that requires a server certificate,

repeat the tasks that create and load the server certificate.

The public RSA key that is part of a certificate generated by
the APC Security Wizard is 1024 bits. (The default key
generated by the Network Management Card, if you do not
use the Wizard, is 768 bits.)