168 • 4-Series™ Control Systems Product Manual — Doc. 8559B
Certificate Management
Security certificates for 802.1X and other security protocols can be added, removed, and
managed from the console.
The control system supports five types of certificates:
• Root: The Root certificate is used by the control system to validate the network's
  authentication server. 4-Series control systems have a variety of Root certificates,
  self-signed by trusted CAs (Certificate Authorities), that are preloaded into the device.
  Root certificates must be self-signed.
• Intermediate: The Intermediate store holds non-self-signed certificates that are used to
  validate the authentication server. These certificates are provided by the network
  administrator if the network does not use self-signed Root certificates.
• User: The User store holds additional certificates not used in the 802.1X standard.
• Machine: The Machine certificate is an encrypted PFX file that is used by the
  authentication server to validate the identity of the control system. The machine
  certificate will be provided by the network administrator, along with the certificate
  password.
• WebServer: A WebServer certificate is an encrypted PFX file that is used by the web
  server. This certificate will be provided by the network administrator along with the
  certificate password. This certificate is presented to any clients that connect to the web
  server.
• WebSocket: A WebSocket certificate is used to validate the network’s authentication
  server via the WebSocket (WSS) protocol. This certificate is an encrypted PFX file.
NOTE: No more than one of each of the following certificate types may be stored on
the control system: Machine, WebServer, and WebSocket.
Certain certificates can also be managed using the Security Certificates function in Crestron
Toolbox. For more information, refer to the Crestron Toolbox help file.
Certificate Requirements
4-Series control systems support all standard X.509v3 certificates that use the following:
• RSA key with length 2048, 3072, or 4096 bits
• ECC keys with lengths based on standard curves
• Hash algorithms using SHA-1, SHA-256, SHA-384, or SHA-512
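
A pre-flight check of a certificate against the requirements listed above, run with the OpenSSL command line before the certificate is loaded onto the control system. This is an added example, not Crestron tooling or part of the original manual; `check_cert`, `make_samples` and the sample certificates are hypothetical, and it assumes a PEM-encoded certificate and an `openssl` binary on the PATH.

```shell
# Added example; check_cert and make_samples are hypothetical helpers, not Crestron tooling.
check_cert() {  # usage: check_cert <cert.pem>  -> returns 0 if acceptable, 1 if not
  local text ver alg bits sig
  text=$(openssl x509 -in "$1" -noout -text 2>/dev/null) || { echo "unreadable: $1"; return 1; }

  ver=$(printf '%s\n' "$text" | sed -n 's/^ *Version: \([0-9]*\).*/\1/p' | head -n1)
  [ "$ver" = "3" ] || { echo "not X.509v3 (version ${ver:-unknown})"; return 1; }

  alg=$(printf '%s\n' "$text" | sed -n 's/^ *Public Key Algorithm: //p' | head -n1)
  bits=$(printf '%s\n' "$text" | sed -n 's/.*Public-Key: (\([0-9]*\) bit).*/\1/p' | head -n1)
  case "$alg" in
    rsaEncryption)
      case "$bits" in
        2048|3072|4096) ;;
        *) echo "RSA key length $bits not in 2048/3072/4096"; return 1 ;;
      esac ;;
    id-ecPublicKey) ;;  # curve not checked: the page only says "standard curves"
    *) echo "unsupported key algorithm: $alg"; return 1 ;;
  esac

  sig=$(printf '%s\n' "$text" | sed -n 's/^ *Signature Algorithm: //p' | head -n1)
  case "$(printf '%s' "$sig" | tr 'A-Z' 'a-z')" in
    *sha256*|*sha384*|*sha512*) ;;
    *sha1*) echo "note: SHA-1 is on the supported list but deprecated; prefer SHA-256+" >&2 ;;
    *) echo "unsupported signature hash: $sig"; return 1 ;;
  esac
  echo "ok: $alg, $bits bit, $sig"
}

# Constructed sample input: throwaway self-signed certificates generated locally.
make_samples() {
  SAMPLES=$(mktemp -d)
  openssl req -x509 -newkey rsa:2048 -nodes -sha256 -days 1 -subj "/CN=good.example" \
    -keyout "$SAMPLES/good.key" -out "$SAMPLES/good.pem" 2>/dev/null
  openssl req -x509 -newkey rsa:1024 -nodes -sha256 -days 1 -subj "/CN=weak.example" \
    -keyout "$SAMPLES/weak.key" -out "$SAMPLES/weak.pem" 2>/dev/null
}

make_samples
check_cert "$SAMPLES/good.pem"          # accepted
check_cert "$SAMPLES/weak.pem" || true  # rejected: RSA 1024
```

For a Machine, WebServer, or WebSocket PFX file, extract the certificate to PEM first (for example with `openssl pkcs12 -clcerts -nokeys`) and run the check on the result.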