ABB EDS500 Series Function Manual page 113

Ethernet & dsl switches

Functions
Figure 34: Key and certificate combination
EC key
The first decision is whether to use the key preinstalled on the device or an external key. This decision usually depends on company guidelines. The key preinstalled in the device complies with ABB's minimum cyber security requirements. According to these, the key is unique and the private part is not read out. However, some companies need to use their own keys, and the EDS500 managed switches support this. How to upload keys to the device is described in the next chapter.
Note that the key, especially the private part, must never be transmitted over an insecure connection. This should also be avoided over supposedly secure connections.
ADVICE: Private keys must be protected against access by third parties under all circumstances.
The device EC key is not deleted when an external EC key is used. It remains in the device, but is inactive.
Certificate
Certificates can be generated in the device based on the current EC key. As soon as the device has a valid EC key (external or device), it automatically generates a valid self-signed certificate. This certificate can be downloaded and added to the browser in use.
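A check for the "valid combination of EC key and certificate" when an external key is used, as an added example that is not part of the ABB manual: it runs OpenSSL on the workstation that holds the key, confirms that a certificate carries the public part of that key and is self-signed, and prints the SHA-256 fingerprint to compare before the certificate is added to a browser. The file names, the curve prime256v1 and the subject name are assumptions.

```bash
#!/usr/bin/env bash
# Added example (not from the manual). File names, curve and subject are assumptions.

# Public part (PEM) of a private key file; the private part is never printed.
pub_from_key() {
  openssl pkey -in "$1" -pubout 2>/dev/null
}

# Public key carried in a certificate, normalised the same way for comparison.
pub_from_cert() {
  openssl x509 -in "$1" -noout -pubkey 2>/dev/null | openssl pkey -pubin -pubout 2>/dev/null
}

# Succeeds only if both files parse and the certificate belongs to the key.
pair_matches() {
  local k c
  k=$(pub_from_key "$1") || return 1
  c=$(pub_from_cert "$2") || return 1
  [ -n "$k" ] && [ "$k" = "$c" ]
}

# Succeeds if subject equals issuer and the certificate verifies against itself.
is_self_signed() {
  local s i
  s=$(openssl x509 -in "$1" -noout -subject 2>/dev/null) || return 1
  i=$(openssl x509 -in "$1" -noout -issuer 2>/dev/null) || return 1
  [ "${s#subject=}" = "${i#issuer=}" ] && openssl verify -CAfile "$1" "$1" >/dev/null 2>&1
}

# SHA-256 fingerprint to compare out of band before trusting the certificate.
cert_fingerprint() {
  openssl x509 -in "$1" -noout -fingerprint -sha256 2>/dev/null | cut -d= -f2
}

# Constructed sample data: two EC keys and a self-signed certificate for the first.
make_sample_pair() (
  umask 077   # key files readable by the owner only
  openssl ecparam -name prime256v1 -genkey -noout -out "$1/ext.key" 2>/dev/null &&
  openssl ecparam -name prime256v1 -genkey -noout -out "$1/other.key" 2>/dev/null &&
  openssl req -x509 -new -key "$1/ext.key" -subj "/CN=constructed-switch" \
    -days 1 -out "$1/ext.crt" 2>/dev/null
)

if [ "${1:-}" = "--demo" ]; then
  d=$(mktemp -d) && make_sample_pair "$d" || exit 1
  pair_matches "$d/ext.key" "$d/ext.crt" && echo "ext.key + ext.crt: valid combination"
  pair_matches "$d/other.key" "$d/ext.crt" || echo "other.key + ext.crt: mismatch"
  is_self_signed "$d/ext.crt" && echo "self-signed, SHA-256 $(cert_fingerprint "$d/ext.crt")"
  rm -rf "$d"
fi
```

Run with `--demo` to exercise the functions on the constructed sample pair; on real files, call `pair_matches key.pem cert.pem` locally so the private key never leaves the workstation.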
1KGT151021 V000 1
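[Figure 34, diagram labels: "EC key?" with the branches "external" and "device". Under "external", "Certificate?" leads to "CSR generated, CA-signed certificate" or "External generated, CA-signed certificate". Under "device", "Certificate?" leads to "CSR generated, CA-signed certificate". A "Self-signed certificate" outcome is also shown. Result: "Valid combination of EC key and certificate".]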
Certificate Management
