Configuring Secure Sockets Layer (SSL) Configure SSL clients
Digi TransPort® Routers User Guide
540
Apply to Destination IP Address
Allows the configuration of multiple SSL destinations, each having a different certificate/key
pair. When set, this parameter will lock the SSL client settings to a specific IP address. If this
parameter is left blank, the router uses the configured SSL client settings for any connection
that requires SSL. As is usual with the tables on the configuration web pages, the relevant and
appropriate parameters are selected and the Add button on the right-hand side is clicked to
add the entry into the table. Once an entry has been added, it can be removed by clicking the
Delete button in the right-hand column.
Reject Self-Signed Certificates
If enabled, a self-signed certificate delivered from the remote peer will be rejected unless a
copy of the certificate exists on the router's local flash memory. The file must be named as per
usual CA certificate convention for Digi TransPort routers, which is to prefix the name with ca,
and use the extension .pem or .der. If disabled, the router accepts self-signed certificates
whether or not a local copy of it exists.
3. Click Apply.
Command line
Command Instance Parameter Values
Equivalent web
parameter
sslcli 0-4 certfile Up to 12 characters (DOS
8.3 format)
Client Certificate
Filename
sslcli 0-4 keyfile Up to 12 characters (DOS
8.3 format)
Client Private Key
Filename
sslcli 0-4 cipherlist Colon-separated list of
ciphers
Cipher List
sslcli 0-4 insecure on, off Allow Insecure Ciphers
sslcli 0-4 IPaddr Valid IPaddress Apply to Destination IP
Address
To Next Page
Loading...
