Ssh And Ssl Keys And Certificates; Certificate And Keys Life Cycle - Siemens RUGGEDCOM ROS User Manual

Hide thumbs Also See for RUGGEDCOM ROS:

User manual (246 pages)

Table Of Contents

100

101

102

103

104

105

106

107

108

109

110

111

112

113

114

115

116

117

118

119

120

121

122

123

124

125

126

127

128

129

130

131

132

133

134

135

136

137

138

139

140

141

142

143

144

145

146

147

148

149

150

151

152

153

154

155

156

157

158

159

160

161

162

163

164

165

166

167

168

169

170

171

172

173

174

175

176

177

178

179

180

181

182

183

184

185

186

187

188

Table of Contents

RUGGEDCOM ROS

User Guide

Reading the ErrorAlarm Status From a Device Using TruthValue

To understand how to use the TruthValue format to read the ErrorAlarm status from a device, conside a ModBus

request to read mulitple registers from location 0x0045.

0x04

The response may look like:

0x04

The register's lower byte shows the ErrorAlarm status. In this example, there is no active ERROR, ALERT or CRITICAL

alarm in the device.

Section 1.8

SSH and SSL Keys and Certificates

The following describes the SSH and SSL keys and certificates in RMC30, along with the certificate and SSH key

requirements.

CONTENTS

•

Section 1.8.1, "Certificate and Keys Life Cycle"

•

Section 1.8.2, "Certificate and Key Requirements"

Section 1.8.1

Certificate and Keys Life Cycle

Each RUGGEDCOM ROS device is shipped with an SSL certificate and RSA key pair, and a DSA host key pair for

SSH, that are generated at and provisioned by the factory. The administrator may upload a new certificate and

keys to the system at any time, which will overwrite the existing ones. In addition, CLI commands are available to

regenerate SSL certificate and key pair as well as the SSH host key pair.

There are three types of certificates and keys used in RUGGEDCOM ROS:

NOTE

SSH is not supported in Non-Controlled (NC) versions of RUGGEDCOM ROS.

NOTE

Network exposure to a ROS unit operating with the default keys, although always only temporary

by design, should be avoided. The best way to reduce or eliminate this exposure is to provision user-

created certificate and keys as quickly as possible, and preferably before the unit is placed in network

service.

• Default

A default certificate and SSL/SSH keys are built in to RUGGEDCOM ROS and are common across all RUGGEDCOM

ROS units sharing the same firmware image. In the event that valid SSL certificate or SSL/SSH key files are not

available on the device (as is usually only the case when upgrading from an old ROS version that does not

support user-configurable keys and therefore does was not shipped with unique, factory-generated keys), the

SSH and SSL Keys and Certificates

0x00

0x45

0x02

0x00

Chapter 1

Introduction

0x01

Table of Contents

Ssh And Ssl Keys And Certificates; Certificate And Keys Life Cycle - Siemens RUGGEDCOM ROS User Manual

SSH and SSL Keys and Certificates

Certificate and Keys Life Cycle

Related Manuals for Siemens RUGGEDCOM ROS

Related Content for Siemens RUGGEDCOM ROS

Table of Contents