User’s guide, Battery management system – APC Battery Management System User Manual

®

USER’S GUIDE

Battery Management System

124

Method 3: Use the APC Security Wizard to create a certificate-signing
request to be signed by the root certificate of an external Certificate
Authority and to create a server certificate.

You use the APC Security

Wizard to create a request (a

.csr

file) to send to a Certificate Authority. The

Certificate Authority returns a signed certificate (a

.crt

file) based on

information you submitted in your request. You then use the APC Security
Wizard to create a server certificate (a .

p15

file) that includes the signature

from the root certificate returned by the Certificate Authority. You upload the
server certificate to the Management Card in the Battery Management
System master controller.

This method has the following advantages and disadvantages.

•

Advantages:

– Before they are transmitted, the user name and password for

Management Card access and all data to and from the Management
Card are encrypted.

– You have the benefit of authentication by a Certificate Authority that

already has a signed root certificate in the certificate cache of the
browser. (The CA certificates of commercial Certificate Authorities
are distributed as part of the browser software, and a Certificate
Authority of your own company or agency has probably already
loaded its CA certificate to the browser store of each user’s
browser.) Therefore, you do not have to upload a root certificate to
the browser of each user who needs access to the Battery
Management System.

– The length of the public key (RSA key) that is used for setting up an

SSL session is 1024 bits, providing more complex encryption and

You can also use Method 3 if your company or agency
operates its own Certificate Authority. Use the APC Security
Wizard in the same way, but use your own Certificate
Authority in place of a commercial Certificate Authority.