Creating An Ssl Server Certificate; Ssl Certificate Entries - AMX NI-700 Webconsole & Programming Manual

Creating an SSL Server Certif icate
Initially, a NetLinx Master is not equipped with any installed certificates. In order to prepare a Master for later use with "CA"
(off icially issued) server certificates, it is necessary to:
First create a self-generated certif icate which is automatically installed onto the Master.

Secondly, enable the SSL feature from the Enable Security page. Enabling SSL security after the certificate has been self-

generated insures that the target Master is utilizing a secure connection during the process of importing a CA server
certificate over the web.
NOTE: A certif icate consists of two different Keys: The Master Key is generated by the Master and is incorporated into the text string
sent to the CA during a certif icate request. It is unique to a particular request made on a specif ic Master. Note that regenerating a
previously requested and installed certif icate invalidates that certif icate because the Master Key has been changed. The Public Key is
part of the text string that is returned from the CA as part of an approved SSL Server Certif icate. This public key is based off the
submitted Master key from the original request.
1. Click the Create SSL Certif icate link (under SSL Certif icate Options) to access the Create SSL Certif icate window (FIG. 56).
Create SSL Certificate window
FIG. 56
2. Fill out the information in this window, according to the descriptions in the SSL Certif icate Entries section below.
3. Click Create SSL Certif icate to update the Master with the information entered on this page. This process can take several
minutes.
SSL Certif icate Entries
The following table describes the SSL Certificate entries presented in the Create SSL Certif icate window (FIG. 56):
SSL Certif icate Entries
Entry
Bit Length:
Common Name:
Action:
Organization Name:
Organization Unit:
City/Location:
NetLinx Integrated Controllers (Firmware v4)- WebConsole & Programming Guide
Description
Provides a drop-down selection with three public key lengths (512, 1024, 2048).
• A longer key length results in more secure certificates.
• Longer key lengths result in increased certificate processing times.
The Common Name of the certificate must match the URL Domain Name used for the Master.
Example: If the address used is www.amxuser.com, that must be the Common name and format used.
• The Common Name can not be an IP Address.
• If the server is internal, the Common Name must be Netbios.
• For every website using SSL that has a distinct DNS name, there must be a certificate installed. Each website for
SSL must also have a distinct IP Address.
• This domain name must be associated to a resolvable URL Address when creating a request for a purchased
certificate.
• The address does not need to be resolvable when obtaining a free certificate.
Provides a drop-down selection with a listing of certificate actions:
• Display Certif icate - Populates the Server Certificate fields with the information from the certificate currently
installed on the Master. This action is used only to display the information contained in the certif icate on the
target Master.
• Create Request - Takes the information entered into these fields and formats the certificate so it can be
exported to the external Certificate Authority (CA) for later receipt of an SSL Certificate.
This action is used to request a certif icate from an external source.
• Self Generate Certif icate - Takes the information entered into the previous fields and generates its own SSL
Certificate.
This action is used when no previous certif icate has been installed on the target Master, or a self-signed
certif icate is desired.
• Regenerate Certif icate - Takes the information entered into the previous fields and regenerates an SSL
Certificate. This action changes the Master Key.
This method of certif icate generation is used to modify or recreate a previously existing certif icate already on the
Master.
Name of your business or organization. This is an alpha-numeric string (1 - 50 characters in length).
Name of the department using the certificate. This is an alpha-numeric string (1 - 50 characters in length).
Name of the city where the certificate is used. This is an alpha-numeric string (1 - 50 characters in length).
WebConsole - System Options
53