Ssl certificate options, Creating an ssl server certificate – AMX NI-2100/3100/4100 User Manual

WebConsole - System Options

53

NI Series WebConsole & Programming Guide

Once any of the server port settings have been modified, press the Accept button to save these changes to
the Master. Once these changes are saved, the following message appears: "Unit must be rebooted for the
change to take effect".

Click the Reboot button (from the top of the page) to remotely reboot the target Master. No dialog
appears while using this button. The Device Tree then reads "Rebooting....". After a few seconds, the
Device Tree refreshes with the current system information (indicating updated port numbers).

SSL Certificate Options

There are three SSL Certificate options, presented as links along the bottom of this page:

Creating an SSL Server Certificate

Initially, a NetLinx Master is not equipped with any installed certificates. In order to prepare a Master for
later use with "CA" (officially issued) server certificates, it is necessary to:

First create a self-generated certificate which is automatically installed onto the Master.

Secondly, enable the SSL feature from the Enable Security page. Enabling SSL security
after the certificate has been self-generated insures that the target Master is utilizing a secure
connection during the process of importing a CA server certificate over the web.

Server Port Settings (Cont.)

Feature

Description

FTP:

The default port value used for FTP communication.
This port can be disabled/enabled but the value can not be changed.
• The default port value is 21.

If the Device Tree contents do not refresh within a few minutes, press the browser’s
Refresh button and reconnect to the Master.

SSL Certificate Options

Create SSL Certificate:

Opens the Create SSL Certificate window where you can create a self-
generated SSL certificate.
Note: A self-generated certificate has lower security than an external CA
(officially issued) generated certificate.

Export SSL Certificate Request: Takes the user to the Server Certificate page where they can view a previ-

ously created certificate.
An authorized user can also copy the raw text from a generated Certificate
request into their clipboard and then send it to the CA.

Import SSL Certificate:

Takes the user to the Import Certificate page where they can import and
paste the raw text from a CA issued Certificate.

A certificate consists of two different Keys:
The Master Key is generated by the Master and is incorporated into the text string
sent to the CA during a certificate request. It is unique to a particular request made on
a specific Master. Note that regenerating a previously requested and installed
certificate invalidates that certificate because the Master Key has been changed.
The Public Key is part of the text string that is returned from the CA as part of an
approved SSL Server Certificate. This public key is based off the submitted Master
key from the original request.