Sony HVL-F20M External Flash User Manual
Page 20
20
• The certificate is not issued by a CA trusted
by the customer’s system.
For reasons of security, we recommend using
this certificate only when there is no problem
and a lack of total security is not a concern,
such as for testing.
• When [Use a self-signed certificate (For test
use)] is selected, a security alert appears when
initiating an SSL connection with a web
browser.
• SSL connection may not be possible
depending on the type of certificate installed in
the unit.
To import a certificate
Click the [Browse] button at the bottom right of
the setup screen and select the certificate. Click
the [OK] button in the file selection dialog to
import the selected file into the unit.
• The import process is invalid if the selected file
is not a certificate or if the format of the
imported certificate is not allowed.
• In software version 2.00 and later, the
following insecure certificates are disabled.
– Certificates with a private key of 1024 bits or
smaller
– Certificates that use a weak algorithm, such
as MD5/SHA1
To generate a self-signed certificate
A self-signed certificate must be generated
when [Use a self-signed certificate (For test use)]
is selected in [Certificate Options].
Click the [Generate] button to generate a self-
signed certificate in the unit.
Clicking the [Generate] button again after
generating a self-signed certificate will update
the self-signed certificate stored in the unit.
• Make sure to set the date and time on the unit
before performing this operation. If the date
and time are not set correctly, it may not be
possible to connect to the unit using a web
browser.
• Before clicking the [Generate] button to
generate a self-signed certificate, select [Use a
self-signed certificate (For test use)] in
[Certificate Options] and click the [OK] button.
To display the certificate contents
When the certificate has been configured in the
unit correctly, information from the certificate
appears in [Status], [Issuer DN], [Subject DN],
[Available Period], and [Extended Key Usage].
[Status]
Displays whether the status of the certificate is
valid or invalid. The following status types are
displayed.
[Valid]:
The certificate is correctly stored and
configured.
[Invalid]:
The certificate is not correctly stored
and configured. If invalid, possible causes are
as follows:
• [Use an external certificate] is selected but
the private key password included in the
certificate is not specified correctly.
• [Use an external certificate] is selected but
the private key included in the certificate is
not encrypted. Or the private key password
is specified but is not encrypted.
• [Use an external certificate] is selected but
the required private key is not included in
the certificate.
• [Use a self-signed certificate (For test use)]
is selected but a self-signed certificate has
not been generated.
When the certificate to be imported is in PKCS#12
format and the private key password is not
specified correctly, “<Put correct private key
password>” is displayed in the [Issuer DN],
[Subject DN], [Available Period], and [Extended
Key Usage] fields. Specify the correct private key
password.
To delete the imported certificate or self-
signed certificate
Click the [Delete] button on the setup screen to
delete the imported certificate or self-signed
certificate.
To specify the private key password
Enter a password comprising up to 50 characters
for the private key included in the certificate in
[Private Key Password]. Entry is supported only
when [Certificate Options] is set to [Use an
external certificate].
Leave the field for this parameter blank if the
private key included in the certificate is not
encrypted.
To enter the private key password, click the
[Reset] button and enter a password.
Click the [Cancel] button at the bottom of the
screen if you want to cancel changing the private
key password after clicking the [Reset] button.
Note that clicking the [Cancel] button also
restores all other setting items on the [SSL] tab to
the previous settings.
Notes
Notes
Notes
Note
Note