Appendix B: Certificates
138
NX-Series Controllers - WebConsole & Programming Guide
6. Click Install Certif icate. The Certificate Import Wizard opens. Click Next to access the Certificate Store page (FIG. 64).
7. Select Place all certificates in the following store, and click Browse. Select Trusted Root Certif ication Authorities from the
list that appears, and click OK.
8. Click Next, then verify the information is correct before clicking Finish. The certificate is installed.
9. Restart the browser or open a new browser, and navigate to the hostname of the Master. You should see a secure lock symbol
in the address bar (FIG. 65).
Creating/Updating the Duet TrustStore
The Duet TrustStore is the trusted CA repository for the Duet/Java environment. The default TLS factory in Java references the Duet
TrustStore to verify certificates of remote servers. Additional CAs can be installed to the Duet TrustStore to connect to servers
signed with a private/internal certificate or signed by a CA not trusted by the default JVM installation. The following instructions
describe how to update the Duet TrustStore. Updating the Duet TrustStore requires that a Java JDK/Keytool is installed on the host
system.
The default password for the TrustStore is changeit. You can change the password, but it is not necessary to do so. The primary
reason for making changes to the Duet TrustStore is so you can connect to an RMS server with a self-signed/internal signed
certificate via HTTPS.
Before updating the Duet TrustStore, you must download the Duet TrustStore via the Certificate Manager in NetLinx Studio. See the
NetLinx Studio Instruction Manual or the consult the NetLinx Studio online help for more information.
Using the Keytool, enter the following:
keytool -import -v -trustcacerts -alias myCa -file myCA.crt -keystore cacerts -keypass changeit
cacerts is the name of the Duet TrustStore downloaded from the NX
myCa is a unique alias for the CA
myCA.crt is the certificate for the CA
FIG. 64
Certificate Import Wizard - Certificate Store
FIG. 65 Secure Website
To Next Page
Loading...
