Ssl Certificates - Tavve zoneranger User Manual

Inspect the results of the password update. If the update succeeded for all devices, a table
of updated nodes and users is displayed. If the update failed for one or more devices, error
messages are displayed.
If error messages are present, you can:
Note that when the SNMPv3 passwords configuration tool successfully updates the passwords
for a set of SNMPv3 users, corresponding configuration entries in the SNMPv3 users table
(Configuration > SNMP page on the Users tab) are automatically updated to match the new
passwords. If the Undo Changes button is used to reset the passwords to their previous values,
corresponding configuration entries in the SNMPv3 users table are also automatically reset to
their previous values.

SSL Certificates

All communication between Ranger Gateways and ZoneRangers use SSL for authentication and
encryption of transmitted data.
The SSL configuration on each ZoneRanger or Ranger Gateway consists of two parts:
1. Configuring a ZoneRanger or Ranger Gateway with private encryption keys, and with
corresponding certificates that it will use to identify itself, and to pass public encryption
key material to other entities.
2. Configuring a ZoneRanger or Ranger Gateway with the identities or "trusted subjects" with
which it is authorized to communicate.
By default, all ZoneRangers and Ranger Gateways are configured with certificates issued by
Tavve's internal certificate authority. In order to provide increased security, some users may
wish to obtain their own unique SSL certificates, either from Tavve's internal certificate
authority, or from a well known external certificate authority, such as VeriSign, Thawte, or
Entrust. In these cases, it will be necessary to modify the SSL configuration on each Ranger
Gateway and ZoneRanger, both with the new certificates, and with updated trusted subject lists.
The Administration > SSL Certificate page provides a mechanism to install the private key
and corresponding certificates on a ZoneRanger.
Important Note. You should use HTTPS when installing new keys and certificates using the
ZoneRanger web interface to reduce the risk of unauthorized disclosure of sensitive encryption
material.
ZoneRanger 5.5 User's Guide
a) Click Undo Changes to back out the changes. This resets user passwords to their
previous values for any devices that were successfully updated. After backing out the
changes, you can resolve the underlying issue, repeat the analysis, and try updating the
passwords again.
b) Note which devices did not update properly, and modify the passwords manually.
Typically, this is accomplished by logging in to the device and using the configuration
interface for the device to modify the passwords.
127