Cobalt Co9992-4ENC-4K-HEVC Software-Defined Broadcast Encoder User Manual

129

Step 1 indicates that the CA Key for the device selected as CA must be downloaded for backup
purposes. If that device is ever damaged or lost, the key can be installed on an alternate device.
The CA Key can be downloaded in the DashBoard

Authentication

tab, as shown in Figure 11,

by clicking on the

Save

button. Note the following:



The default filename is

CA_KEY.BIN

, but it can be renamed as desired. Keep the

extension as .BIN so as it is recognized by DashBoard.



The file should be copied to a secure location.



The file is encrypted and uses a proprietary format. It is not compatible with any of the
usual TLS software packages. This is done as an additional level of security in case an
unauthorized third-party obtains a copy of the file. However, any supported Cobalt
device can use this file, so the best strategy is to keep the backup secure.

Uploading a saved key file to a Cobalt device is done through DashBoard, in a similar fashion as
a firmware update. Open the device, click on the

Upload

button at the bottom of the screen, and

navigate to the CA_KEY.BIN. Once the file is uploaded, the Cobalt device will automatically
re-generate all the internal certificates.

Figure 10: Using a Cobalt Device as the CA

KEY

Secret

CA CERTIFICATE

Public

Cobalt Device selected as CA

CSR

Public

CERTIFICATE

Public

CSR

Public

CERTIFICATE

Public

Backup

Step 1

Step 2

Step 3

Step 3

DEVICE

DEVICE