Table 6: Possible Communication Problems in the Configuration Server.
6.2.14 Certificate Management
Some L-IP models provide the secure protocols HTTPS and OPC UA in addition to HTTP and
OPC XML-DA. These protocols allow for encrypted and authenticated communication.
The HTTPS server settings can be configured in the Ethernet Port Configuration page. It is
possible to enable or disable the HTTPS server and to change the TCP port of the HTTPS
server. The default HTTPS server port is 443. These settings will be active after rebooting.
When connecting with a web browser to the L-IP you will be warned that the server uses a
self-signed certificate. You need to accept the certificate in order to continue. In some
browsers this is also called “adding an exception”.
Note that in the default configuration, communication is encrypted, but not authenticated, as the
default certificate is self-signed. If you operate in a safe environment, no further action has
to be taken.
In a hostile environment (e.g. when the device is used over the Internet), consider installing a server
certificate signed by a certification authority to prevent man-in-the-middle attacks. HTTPS
and OPC UA servers use X.509 certificates to authenticate themselves to clients. In order to
establish communication, the client has to trust the server certificate. There are two options
to accept a server certificate:
• The user manually accepts the certificate.
• The server certificate is provided by a public certification authority (CA).
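
The two acceptance options above, seen from a scripted client, as an added example that is not part of the manual. Manual acceptance is modelled here as pinning the SHA-256 fingerprint of the accepted certificate, which is an assumption about how an operator records it; all function names are hypothetical.

```python
import hashlib
import hmac
import socket
import ssl


def ca_verified_context(ca_file=None):
    """CA-signed certificate: chain and host name are both verified."""
    # create_default_context() sets CERT_REQUIRED and check_hostname=True.
    return ssl.create_default_context(cafile=ca_file)


def pinned_context():
    """Manually accepted (self-signed) certificate: TLS validates nothing,
    so the caller must compare the fingerprint itself."""
    ctx = ssl.SSLContext(ssl.PROTOCOL_TLS_CLIENT)
    ctx.check_hostname = False
    ctx.verify_mode = ssl.CERT_NONE
    return ctx


def fingerprint(der_cert):
    """SHA-256 fingerprint of a DER-encoded certificate, lowercase hex."""
    return hashlib.sha256(der_cert).hexdigest()


def pin_matches(der_cert, pinned):
    """Compare against a recorded fingerprint; accepts 'AA:BB:..' or plain hex."""
    wanted = pinned.replace(":", "").replace(" ", "").lower()
    return hmac.compare_digest(fingerprint(der_cert), wanted)


def connect(host, port=443, pinned=None, ca_file=None):
    """Open a TLS connection and return the server certificate fingerprint.
    With `pinned` set, fail unless the presented certificate matches it."""
    ctx = pinned_context() if pinned else ca_verified_context(ca_file)
    with socket.create_connection((host, port), timeout=5) as raw:
        with ctx.wrap_socket(raw, server_hostname=host) as tls:
            der = tls.getpeercert(binary_form=True)
    if pinned and not pin_matches(der, pinned):
        raise ssl.SSLCertVerificationError("pinned fingerprint mismatch")
    return fingerprint(der)


if __name__ == "__main__":
    # Constructed bytes standing in for a DER certificate (not a real one).
    sample = b"constructed bytes standing in for a DER certificate"
    pin = fingerprint(sample)
    print(pin_matches(sample, pin), pin_matches(b"swapped certificate", pin))
```

Without the fingerprint comparison, the pinned context accepts any certificate, which is the "encrypted, but not authenticated" case described for the default configuration.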
The L-IP devices are configured with a self-signed certificate, but custom server certificates
can be imported in the configuration page. Please follow these steps to install a custom SSL
certificate.
1. Go to the Certificates configuration page and select the Create Certificate tab.
Choose the radio button CA Request as shown in Figure 68. In Common Name
provide a valid DNS host name (e.g., lip-g01.acme.com) or the IP address for the
device. SSL certificates use host names. Enter organization name, organization unit,
city, and state. Then choose the country and click Create Certificate Request.