Cobalt Co9992-4ENC-4K-HEVC Software-Defined Broadcast Encoder User Manual
Page 127
127
2.
Load the CA Certificate in every Cobalt device. Figure 9 shows how to do this.
3.
Do one of the following:
a.
Generate matched Key/Certificate pairs (signed by the CA) for each Cobalt
device, and upload these using the process shown in Figure 6.
or
b.
Generate a CSR in each Cobalt device using the process shown in Figure 7. Have
the CA process the CSR to generate a certificate. Upload the certificate back into
the Cobalt device using the process shown in Figure 6.
4.
Configure the Cobalt device to use the user-supplied credentials, as shown in Figure 5.
The most secure is 3(3.b) above, since keys are never transmitted anywhere. However, it is the
most labor-intensive. This process is illustrated in Figure 8.
The process of loading an external CA certificate in the Cobalt device (Step 2) is shown in
Figure 9:
Open the device’s web page and select Click here for RIST Authentication Management.
In the
Uploading an External CA Certificate
, use the
Browse
button to find the PEM
file with the certificate.
Enter the device password and click on the
Upload CA Certificate
button.
The device will check out the certificate for correctness and validity, and, if accepted, will save
it. If the certificate is accepted, it can now be selected in DashBoard, as shown in Figure 9.
Figure 8: Using an external Certificate Authority
KEY
Secret
CA CERTIFICATE
Public
CERTIFICATE AUTHORITY
KEY
Secret
CERTIFICATE
Public
CSR
Public
CERTIFICATE
Public
Step 2
Step 1
Step 3(a)
Step 3(b)
DEVICE
DEVICE