Using secure sockets layers, Introduction to ssl certificates, Server certificates – Dell PowerVault 725N (Rackmount NAS Appliance) User Manual

Using Secure Sockets Layers

This section explains how secure sockets layers (SSL) are used in the NAS system. It also explains how to use your own certificate, if you have one, and how
to regenerate your certificate.

Introduction to SSL Certificates

Certificates contain information used to establish system identities over a network. This identification process is called authentication. Although authentication
is similar to conventional forms of identification, certificates enable Web servers and users to authenticate each other before establishing a connection to
create more secure communications. Certificates also contain encryption values, or keys, that are used in establishing an SSL connection between the client
and server. Information, such as a credit card number, sent over this connection is encrypted so that it cannot be intercepted and used by unauthorized
parties.

Two types of certificates are used in SSL. Each type has its own format and purpose. Client certificates contain personal information about the clients
requesting access to your site, which allows you to positively identify them before allowing them access to the site. Server certificates contain information
about the server, which allows the client to positively identify the server before sharing sensitive information.

Server Certificates

To activate your Web server's SSL 3.0 security features, you must obtain and install a valid server certificate. Server certificates are digital identifications
containing information about your Web server and the organization sponsoring the server's Web content. A server certificate enables users to authenticate
your server, check the validity of Web content, and establish a secure connection. The server certificate also contains a public key, which is used in creating a
secure connection between the client and server.

The success of a server certificate as a means of identification depends on whether the user trusts the validity of information contained in the certificate. For
example, a user logging on to your company's website might be hesitant to provide credit card information, despite having viewed the contents of your
company's server certificate. This might be especially true if your company is new and not well known.

For this reason, certificates are sometimes issued and endorsed by a mutually trusted, third-party organization, called a certification authority. The certification
authority's primary responsibility is confirming the identity of those seeking a certificate, thus ensuring the validity of the identification information contained in
the certificate.

Alternatively, depending on your organization's relationship with its website users, you can issue your own server certificates. For example, in the case of a
large corporate intranet handling employee payroll and benefits information, corporate management might decide to maintain a certificate server and assume
responsibility for validating identification information and issuing server certificates. For more information, see "

Obtaining a Server Certificate From a

Certification Authority

."

PowerVault 725N Certificate

By default, your NAS system has a self-generated and self-signed certificate. The configured SSL port is 1279.

Using a Custom Certificate

If a certification authority is present in the network, the administrator can choose to change the default certificate for your NAS system. The administrator must
use the wizards to first request a certificate and then apply it to the NAS system.

Obtaining a Server Certificate From a Certification Authority

Find a certification authority that provides services that meet your business needs, and then request a server certificate.

To obtain a server certificate, perform the following steps:

1.

Log in to the NAS Manager.

2.

Click Maintenance, and then click Terminal Services.

3.

Log in to the NAS system as an administrator.

The Advanced Administration Menu displays. If it does not display, double-click the Advanced Administration Menu icon on the desktop of the NAS
system.

4.

Click System Management, and then from the list, click Internet Information Services.

5.

Navigate to and right-click the Administration folder, and then select Properties.

6.

Under Secure Communications on the Directory Security property sheet, click Server Certificate to access the Web Server Certificate Wizard.

7.

Use the Web Server Certificate Wizard to create a certificate request.

8.

Send the certificate request to the certification authority.

The certification authority processes the request and sends you the certificate.

NOTE:

For non-SSL communication, use port 1278. This port is not a secure port and all text is sent in plain text over the network.

NOTE:

If you are replacing your current server certificate, the Internet Information Server (IIS) continues to use the old certificate until the new request

has been completed.

NOTE:

For the latest list of certification authorities supporting IIS, see the Microsoft Security website. In the By Category list, select Certification

Authority Services.

NOTE:

The default administrative user name is administrator and the default password is powervault.