Leica GR10 Operational Manual page 255

How do I get self-signed certificate?
Besides the purchased SSL certificates, there are also self-signed certificates which do not cost anything. Self-signed
certificates work just as well as purchased ones but they are missing the authorization of the third party. Self-signed
SSL certificates mainly guarantee the protection of your data when sending it over the internet. You will know that a
self-signed certificate is used when you see an authentication warning in the browser window when accessing the
page which has to be accepted before the web site opens. Such a self-signed certificate is the default that comes with
the GR/GM Series web site. The URL of the web site is not verified (as this is different for every receiver) and the
certificate is self-signed by Leica Geosystems AG.
1. Follow these steps to generate SSL certificate products:
1. Download & installation of openssl (Win32 OpenSSL v1.0.1e Light). Download link:
http://slproweb.com/products/Win32OpenSSL.html
2. Generate RSA private key: openssl genrsa -des3 -out domainname.key 2048
3. Remove pass-phrase / generate PEM format (Needed for "SSL key" field on web server config page):
openssl rsa -in domainname.key -out domainname.pem
4. Generation of the CSR (Certificate Signing Request): openssl req -new -key domainname.key -out
domainname.csr -config openssl.cfg
5. Generation of the CRT (The self-signed certificate, Needed for "SSL certificate" field on web server config
page): openssl x509 -req -days 3600 -in domainname.csr -signkey domainname.key -out domainname.crt
How do I install my SSL certificate and key?
When you have created an SSL key and an SSL certificate you will have two files that can be opened with a text editor
such as note pad.
1.
2.
3.
4.
Visit the Qualys SSL Labs website for important news and additional information regarding secure
connections with SSL/TLS.
Please read the private key and certificate recommendations from Qualys SSL Labs.
Mozilla Firefox does not support the use of certain ports. Use a different internet browser if these ports need
to be used. Ports blocked by default in Mozilla Firefox browser.
Setting Descriptions
The table below describes the fields in the Web server page.
Open the SSL certificate (CRT file) and copy the text into the SSL certificate window on the
Receiver setup / Web server page on your receivers web interface.
Open the key file in the same way and copy / paste the text into the SSL key window on the same
page.
Store the settings.
Your certificate should now be installed. Activate the HTTPS settings and re-open the web
interface. It should open as an HTTPS secure site. Click on the
the certificate information.
6: Context sensitive help
icon in the browser and check
253