EasyManua.ls Logo

Crestron Electronics CP4N - Page 180

Default Icon
220 pages
Save Page as PDF
Print Icon
To Next Page IconTo Next Page
To Next Page IconTo Next Page
To Previous Page IconTo Previous Page
To Previous Page IconTo Previous Page
Loading...
174 4-Series™ Control Systems Product Manual Doc. 8559B
Obtain the Certificate
The exact procedures required to obtain a CA-signed certificate differ depending on the CA, but
in all cases, it is necessary to submit the request.csr file along with any other verification that the
CA requires.
To obtain the request.csr file:
1.
Using SSH, issue the move \sys\request.csr \user command.
2. Use an SFTP client to copy the request.csr file from \user directory of the control system.
In some cases, it may be necessary to open the .csr file in a text editing program and to copy and
paste the text between the "Begin certificate request" and "End certificate request" delimiters
before sending the file to the CA.
NOTE: All certificate files must be in .pem format.
Load the Certificate Files
Once the CA validates the request.csr file, the CA issues the validated certificate to the
requester. The following certificate files are required for deployment on the control system:
l
CA-signed certificate in .pem format
l
Certificates for each CA in the signing chain, with one certificate per file
NOTE:If the CA sends all signing certificates in a single file, it will be necessary to use
an editor to extract and store each certificate individually. Each certificate in such a
PEM bundle is delimited by “BEGIN CERTIFICATE” and “END CERTIFICATE” headers.
These headers must be included in each CA certificate file, along with the PEM data
between them.
To upload the CA-signed certificate to the control system:
1. If there are multiple certificates in the signing chain, install each non-root certificate in the
intermediate store as described in Add a Certificate (on page169).
2. Rename the remaining two certificate files (the root CA certificate and the signed
certificate file) as follows:
l
Rename the signed certificate file to “srv_cert.cer”.
l
Rename the root certificate file to “rootCA_cert.cer”.
3. Use an SFTP client to copy the two certificate files to the \user directory on the control
system.
4. Connect to the control system via SSH or Crestron Toolbox.
5.
Issue the delete \sys\rootCA_cert.cer and delete \sys\srv_cert.cer, commands to
delete any existing certificate files.
6.
Issue the move \user\rootCA_cert.cer \sys and move \user\srv_cert.cer \Sys
commands to move the new certificate files to the internal \sys directory.

Table of Contents

Related product manuals