Version 6.2 63 February 2011
SIP User's Manual 3. Web-Based Management
¾ To replace the device's self-signed certificate:
1. Your network administrator should allocate a unique DNS name for the device (e.g.,
dns_name.corp.customer.com). This DNS name is used to access the device and
therefore, must be listed in the server certificate.
2. If the device is operating in HTTPS mode, then set the HTTPSOnly parameter to
'HTTP and HTTPS' (0) - see ''Configuring Web Security Settings'' on page 69. This
ensure
s that you have a method for accessing the device in case the new certificate
doesn’t work. Restore the previous setting after testing the configuration.
3. Open the ‘Certificates Signing Request' page (Configuration tab > System menu >
Certificates).
Figure 3-37: Certificates Signing Request Page
4. In the 'Subject Name' field, enter the DNS name, and then click Generate CSR. A
textual certificate signing request that contains the SSL device identifier is displayed.
5. Copy this text and send it to your security provider. The security provider (also known
as Certification Authority or CA) signs this request and then sends you a server
certificate for the device.
6. Save the certificate to a file (e.g., cert.txt). Ensure that the file is a plain-text file
containing the ‘BEGIN CERTIFICATE’ header, as shown in the example of a Base64-
Encoded X.509 Certificate below:
-----BEGIN CERTIFICATE-----
MIIDkzCCAnugAwIBAgIEAgAAADANBgkqhkiG9w0BAQQFADA/MQswCQYDVQQGEwJGUj
ETMBEGA1UEChMKQ2VydGlwb3N0ZTEbMBkGA1UEAxMSQ2VydGlwb3N0ZSBTZXJ2ZXVy
MB4XDTk4MDYyNDA4MDAwMFoXDTE4MDYyNDA4MDAwMFowPzELMAkGA1UEBhMCRlIxEz
ARBgNVBAoTCkNlcnRpcG9zdGUxGzAZBgNVBAMTEkNlcnRpcG9zdGUgU2VydmV1cjCC
ASEwDQYJKoZIhvcNAQEBBQADggEOADCCAQkCggEAPqd4MziR4spWldGRx8bQrhZkon
WnNm`+Yhb7+4Q67ecf1janH7GcN/SXsfx7jJpreWULf7v7Cvpr4R7qIJcmdHIntmf7
JPM5n6cDBv17uSW63er7NkVnMFHwK1QaGFLMybFkzaeGrvFm4k3lRefiXDmuOe+FhJ
gHYezYHf44LvPRPwhSrzi9+Aq3o8pWDguJuZDIUP1F1jMa+LPwvREXfFcUW+w==
-----END CERTIFICATE-----
7. In the 'Certificates Files' group, click the Browse button corresponding to 'Send Server
Certificate...', navigate to the cert.txt file, and then click Send File.
To Next Page
Loading...
Need help?
General
