Linkskey LKV-IPM01 User Manual

KLE User Guide R1.2

SSL Access for LDAP Authentication Authentications
ldapcert.crt

ldapkey.pem
For details, refer to Section 4.15, User Management – Mange User Accounts, Radius

Accounting and Remote Authentications.

You don’t have to reboot each time when you finish uploading one certificates. You could do one

complete reboot at the end when you finish uploading all of them. To return to the previous Security page
for uploading another certificate just click its hyperlink on the left frame of the browser window.

Viewer Security Connection Level :

KLE offers three levels of security for viewer connection. On the drop-down combo

box, you can just choose either one of the three viewer security levels as appropriate

to your real demands on viewer connection security:

Level 1 - No SSL encryption, no SSL authentication
Level 2 - 128-bit encryption, server authentication by client
Level 3 - 128-bit encryption, full authentication (requires the installation of certificates)

Level 1 uses No SSL data encryption and No authentication. This is the most straightforward
setting that opens most convenience if there are no security concerns at all. Anyone who have

a viewer and internet connection could easily connect to KLE as long as the user passes the
policy requests.

Level 2 uses SSL encryption for viewer connection, but only requires server-side

authentication by viewer client. That is, remote users who want to make viewer connections
are not require to install certificates on their client computers. However, the viewer connection

is encrypted with 128-bit SSL technology to ensure any data contents transmitted via the

viewer connection is protected, including keyboard, mouse and video signals.

Level 3 uses 128-bit encryption as well a bi-directional PKI authentication between KLE
server and viewer client. With this level of setting, all remote users who want to make viewer

connection at all, should require installation of a proper client certificate, which is signed by

the same private key of the CA that issues the root.crt and server.crt of KLE.

There are altogether nine possible combinations of Viewer Security Levels + Password Policies that are

available for a flexibility to adapt to your security needs.

KLE server password : Here you should enter the password that has encrypted the

server private key in the server private key file, serverkey.pem. You should enter

the correct server password here in order to make successful viewer connection with
KLE in level 3 security setting - 128-bit encryption, full authentication (requires the

installation of certificates).

By default, the server private key is serverpwd, if you use the standard set of
certificates provided on the Support CD ROM disc.
However, if you use your own set of certificates, you should get the correct server

password from the Certificate Authority that issues those certificates.

User Password Policy :

KLE offers three types of password policies On the drop-down combo box, you can

select your password policy for viewer connections:

- -

83