Table of Contents
Advertisement
Chapter 4
Using Scripts to Create SSL Certificates
Figure 3: Scenario 3
1. Script Machine
2. Certificate
1.
Navigate to the RCKeyGen folder on the script machine and open the file device_data.txt in a text
editor.
2.
Replace the current content with a list of addresses (one per line) for devices for which certificates are to
be generated. The script will take the list of addresses and use them as the Common Name parameter in
the Distinguished name field (i.e. the Subject Identifier in an X.509 certificate). The script can take both IP
addresses and DNS names for the switches. The list must have some addresses for the script to generate
certificates.
NOTE
Setting the Common Name (IP address/DNS address) correctly will make sure browsers do not
complain about the certificate Common Name not matching the URL. The switch will also have
to be accessed using the DNS name or the IP address that was provided in device_data.txt.
Configuring an IP address for the Common Name and then accessing the unit with a DNS name
(or vice versa) will cause the browser to complain.
3.
Save and close the file.
NOTE
For Windows XP, scripts should be launched through the command prompt in the same order as
described in this procedure.
Double-click the script 02_ssl_device_certgen.vbs to generate a certificate for each device listed in
4.
device_data.txt and have them signed by the Root CA. When the script asks if the certificates need to
be self-signed, click Yes.
12
1
3
3. ROS/ROX Devices
2
Scenario 3: Self-Signed Device Certificates
RUGGEDCOM
Application Note
- Quick Links:
- Introduction
Hide quick links:
Advertisement
Table of Contents
