User’s guide, Battery management system – APC Battery Management System User Manual

®

USER’S GUIDE

Battery Management System

128

Authentication of the server (in this case, the Management Card in the
Battery Management System master controller) occurs each time a
connection is made from the browser to the server. The browser checks to
be sure that the server’s certificate is signed by a Certificate Authority
known to the browser. For this authentication to occur:

• Each Battery Management System with SSL enabled must have a

server certificate on the Management Card itself.

• Any browser that is used to access the Battery Management System’s

Web interface must contain the CA root certificate that signed the
server certificate.

If authentication fails, the browser prompts you on whether to continue
despite the fact that it cannot authenticate the server.

If your network does not require the authentication provided by digital
certificates, you can use the default certificate that the Management Card
generates automatically. The default certificate’s digital signature will not be
recognized by browsers, but a default certificate enables you to use SSL for
the encryption of transmitted user names, passwords, and data. (If you use
the default certificate, the browser prompts you to agree to unauthenticated
access before it logs you on to the Web interface of the Battery
Management System.)

How SSH host keys are used.

An SSH host key authenticates the identity

of the server (the Management Card in the Battery Management System
master controller) each time an SSH client contacts the Battery
Management System. Each Battery Management System with SSH
enabled must have an SSH host key on the Management Card itself.