SX-AX15 (20) Certificate

Utility User Manual

Page 1

I. Overview

The Certificate Utility (CUU.exe) is designed to create and distribute Secure Socket Layer (SSL)
certificates to Axess units and the PCs that communicate with them. Although the Axess comes
from the factory with a certificate installed, this certificate will generate a warning message when
connecting to the Axess when using SSL. For most customers, this error message can be easily
ignored and secure connection to the Axess continues. For customers with special
circumstances, the CU was designed to facilitate creation and distribution of SSL Certificates
tailored to a specific Axess, eliminating the error message entirely. There are two methods that
can be used to create and distribute the certificates:

1. Self Signed Certificates. A Self-signed certificate is the most

common approach. In this approach, the CU generates multiple
certificates, each unique and based on the IP address, or DNS
name of each Axess. The CU also provides the means to install
the certificate on the Axess, making it easy to generate and
distribute. Upon initial connection to the Axess, the user will be
offered an opportunity to install the certificate from the Axess.
This is done once for each browser on the PC and each Axess.

2. Root Certificate Authority. The Root Certificate Authority method

pre-installs the certificates required in both the PC and the Axess.
This eliminates the need for accepting the certificate from each
Axess on each PC. The Root Certificate is generated and installed
in each PC prior to communication with the Axess. The Root
Certificate also is used, along with the IP address or domain of the
Axess, to generate the certificates that are installed in the Axess.

Self Sign Method

Step 1: Using the CU, create one unique Certificate based on the IP Address
of each Axess.

Step 2: Use the CU to upload the Certificates to each Axess.

Step 3: Upon connecting to the Axess, each PC accepts the certificate
installed in the Axess.

Root Certificate Authority Method

Step 1: Create A Root Certificate Authority (CA) using the Certificate Upload
Utility (CU).

Step 2: Install the CA into any PCs that need to communicate with the Axess
units.

Step 3: Create certificates for each Axess using the CU. Each certificate is
unique and based on the CA and the Axess IP Address or domain name.

Step 4: Install the certificate into the Axess unit(s) using the CU.