Out-Of-Box Operation; Enabling Https/Ssl; Loading Https/Ssl Certificates And Keys - Redline RDL-3000 SC User Manual

Rdl-3000 family broadband wireless radio platforms

Hide thumbs Also See for RDL-3000 SC:

User manual (143 pages)

Installation manuallines (65 pages)

Configuration instructions (9 pages)

100

101

102

103

104

105

106

107

108

109

110

111

112

113

114

115

116

117

118

119

120

121

122

123

124

125

126

127

128

129

130

131

132

133

134

135

136

137

138

139

140

141

142

143

144

145

146

147

148

149

150

Table of Contents

RDL-3000 FAMILY

Out-of-Box Operation

The RDL-3000 provides out-of-box HTTPS (SSL) using an embedded X.509 certificate.

The embedded certificate is identical for all shipped RDL-3000 equipment and is

intended only to for initial system configuration. Use of the embedded certificate does

not provide a secure solution.

When using the embedded certificate, warning messages may be displayed based on

browser security settings (e.g., '

certificate authority. The security certificate presented was issued for a different website address.)

e operator has full access to the secure Web interface.

It is recommended that system operators generate a unique certificate and private-public

keys, and load these on the RDL-3000 before using the HTTPS feature in a production

environment.

Enabling HTTPS/SSL

HTTPS is disabled by (factory) default. Use the Web interface or CLI to enable HTTPS:

Web interface:

Command: set https on

Save the configuration to active changes.

To access the RDL-3000 using HTTPS, the URL entered in the Web browser must

specify 'https' or directly reference port 443.

Example: To access the RDL-3000 when HTTPS is enabled (default IP shown):

https://192.168.25.2/

http://192.168.25.2:443/

Loading HTTPS/SSL Certificates and Keys

Use the following steps to load user-generated X.509 certificate and key files:

1. Use a commercially available tool to create the required certificate and key files.

The X.509 certificate file must conform to the following:

Maximum file size is 1400 bytes

Subject must match the access method (e.g., IP or name)

Filename must be formatted as follows:

ssl_cert_<mac>.pem

The SSL (RSA) key file must conform to the following:

Maximum 2048 bits.

Filename must be formatted as follows:

ssl_key_<mac>.pem

2. Copy the key files to the default directory on a TFTP server.

3. Use the CLI 'load' command to load the RSA key and certificate. It is recommended

to use the local Ethernet port when transferring encryption keys and certificates to

the RDL-3000.

4. Use the command 'show files usr' to verify the files have been successfully loaded.

5. Reboot the RDL-3000 to activate changes to the key files. HTTPS is available when

the system reboot is completed.

Example

70-00158-01-08

USER MANUAL

The security certificate presented was not issued by a trusted

Configuration screen -> Ethernet: HTTPS Enable

(Web browser defaults to port 443)

(Operator specifies port 443)

Page

139

of 150

December 7, 2011

Table of Contents

Show Quick Links

Hide quick links:

Table of Contents

This manual is also suitable for:

Rdl-3000 su Rdl-3000 m Enterprise

Out-Of-Box Operation; Enabling Https/Ssl; Loading Https/Ssl Certificates And Keys - Redline RDL-3000 SC User Manual

Out-of-Box Operation

Enabling HTTPS/SSL

Loading HTTPS/SSL Certificates and Keys

Hide quick links:

Related Manuals for Redline RDL-3000 SC

Related Products for Redline RDL-3000 SC

This manual is also suitable for:

Table of Contents