Ssl prerequisites, Generate a certificate request – VBrick Systems ETHERNETV 4410-0118-0009 User Manual

120

© 2009 VBrick Systems, Inc.

SSL Prerequisites

•

In order to use the Portal Server in secure (HTTPS) mode, you must have a signed and
valid SSL certificate purchased from Verisign or another vendor. If the certificate is not
signed, or if it is expired or otherwise invalid, video playback issues will occur.

•

In an environment where the Portal Server is using SSL and a Network Video Recorder
(NVR) is running on a separate server, the NVR server must also have an SSL Certificate
installed in its IIS configuration or all NVR recording will fail.

•

Be aware that hardened SSL encryption requires significant resources and can
substantially impact performance. Use hardened SSL only when absolutely necessary in
environments that require all pages to be encrypted.

•

To use SSL, Amino set top box users must purchase a digital X.509 certificate from Verisign.
Other certificates may work but Verisign is the only certificate currently tested and supported
by VBrick.

1. Generate a Certificate Request

If your company does not have a X.509 certificate, or does not have one for the ETV Portal
Server, a new certificate request must first be created.

T

To generate a certificate request:

1. From the ETV Portal Server, start the Microsoft Internet Information Services (IIS)

Manager.

2. Expand the server name and select the web site for which the certificate will be installed.
3. Right-click the web site, and then click

Properties

.

4. Select the

Directory Security

tab.

5. Select the

Server Certificate

button within

Secure

communications to launch the Web

Server Certificate Wizard.

6. Select

Next

on the Welcome dialog box.

7. Select

Create a New Certificate

and then select

Next

. (If

Create a New Certificate

is

unavailable, the certificate has probably been installed already. If that is the case, skip the
rest of the steps, and go to Step 4. Configure ETV Resources for SSL. If you want to
create new certificate for ETV Portal Server, select

Remove the current certificate

to

remove the certificate first, and then restart the procedure.)

8. Select

Prepare the request now, but send it later

and then select

Next

.

9. Type a descriptive name for the certificate in the

Name

field, type a bit length for the key

in the

Bit length

field, and then select

Next

.

10. Type an organization name (e.g. VBrick) in the

Organization

field and type an

organizational unit (such as Sales Department) in the

Organizational unit

field, and select

Next

. (This information will be placed in the certificate request, so make sure it is

accurate. The Certificate Authority will verify this information and will place it in the
certificate. A user browsing the ETV Portal Server will want to see this information in
order to decide if they should accept the certificate.)

11. In the

Common name

field, type a common name, and then select

Next

. (Important: The

common name is one of the most significant pieces of information that ends up in the
certificate.)

12. Enter the appropriate information in the

Country/Region

,

State/Province

, and

City/

locality

fields, and then select

Next

.