Figure 6-29: certificate settings – Freedom9 IP 100 User Manual

freeView IP 100 User’s Manual

connection. If an encrypted connection cannot be made, an error will be reported.

6.5.4 Certificate

Figure 6-29: Certificate Settings

The freeView IP 100 uses the Secure Socket Layer (SSL) protocol for any encrypted network

traffic between itself and a connected client. During the connection establishment, the device has

to expose its identity to a client using a cryptographic certificate. By default, this certificate and

the underlying secret key is the same for all freeView IP 100’s and will not match the network

configuration that will the device is connected to. The certificate's underlying secret key is also

used for securing the SSL handshake. Hence, there is still a potential security risk when using

the default SSL certificate, but it is more secure than no encryption at all.

It is possible to generate and install a new certificate that is unique for a particular freeView IP

100. In order to do this, the freeView IP 100 can generate a new cryptographic key and the

associated Certificate Signing Request (CSR) that needs to be certified by a certification

authority (CA). A certification authority verifies that the device and identity are legitimate and

signs and issues a SSL certificate for the device.

The following steps are necessary to create and install a SSL certificate for the freeView IP 100:

• Create an SSL Certificate Signing Request using the panel shown in Figure 6-29. Complete

the fields on the page. The fields are explained below. Once completed, click on the “Create”

63