Transferring a server key material file – Siemens HIPATH V1.2.33 User Manual

Deployment Tool with TLS

90

Transferring a Server Key Material File

Pressing the View Certificates Button on a server key material file displays
the Key Material File Dialogue.

The certificates contained in the file are shown on the left-side of the dia-
logue. The details of the currently selected certificate are shown on the
right-side.

After the key material has been transferred to the phone, it will be used by
the phone to establish its next TLS connection to the Tool. To assist in
avoiding potential problems, the Tool attempts to build and validate a cer-
tificate chain from the file’s contents. The resulting chain, if any, is dis-
played at the top of the left-side of the dialogue. If the Tool was able to
validate the chain, the relevant trusted certificate, denoted by the Trusted
Certificate Icon, is shown at the end of the chain. Note that this certificate
is not present in the file itself, but resides in the Tool’s list of trusted certif-
icates. Any additional certificates, which were present in the file but not
used in the chain, are listed below.

If the Tool fails to build and validate a chain, an error message informs the
user of one of two scenarios:
•

The Tool was unable to find a suitable end-entity certificate. This may
mean that the certificates are all CA certificates. The Tool does not
search for a particular end-entity subject DN.

•

The Tool does not trust the chain. This means that none of the certifi-
cates in the chain were issued by any of the Tool’s trusted certificates.
If the chain contains CA certificates, the user can decide to trust the
highest CA certificate by selecting it, and pressing the “Trust Certifi-
cate” button at the bottom of the dialogue. The certificate will be add-
ed to the Tool’s list of trusted certificates, while still remaining in the
file.