Table of Contents
Advertisement
Figure 34-51. Configuration > Ranger Gateway page SSL Trust tab
The SSL configuration on a ZoneRanger or Ranger Gateway consists of two parts:
1. Configuring a ZoneRanger or Ranger Gateway with private encryption keys, and with
corresponding certificates that it will use to identify itself, and to pass public encryption
key material to other entities.
2. Configuring a ZoneRanger or Ranger Gateway with the identities or "trusted subjects" with
which it is authorized to communicate.
By default, each ZoneRanger is configured with a certificate issued by the Tavve internal
certificate authority, with the following subject (identity):
CN=ZoneRanger,OU=Engineering,O=Tavve,L=Morrisville,ST=North Carolina,C=US
Similarly, each Ranger Gateway is configured with a certificate with the following subject:
CN = Ranger Gateway, OU = Engineering, O = Tavve, L = Morrisville, ST = North
Carolina, C = US
ZoneRangers are configured, by default, to permit communication with both subjects, in order
to support communication with joined Ranger Gateways, and with redundant peers.
To authorize a ZoneRanger to communicate with a device that was configured with a particular
SSL certificate, you must enter that certificate subject into the ZoneRanger Subjects table.
ZoneRanger 5.5 User's Guide
164
Hide quick links:
Advertisement
Table of Contents
