Table of Contents
Advertisement
ICDM-RX/MOD User Manual
Network Menu
This option enables or disables the telnet security feature after you click Save and
Enable Telnet/ssh
the ICDM-RX/MOD has been rebooted. This option is enabled by default.
This option enables or disables the SNMP security feature after you click Save and
Enable SNMP
the ICDM-RX/MOD has been rebooted. This option is enabled by default.
You can select the appropriate version for your environment.
•
Minimum Allowed
•
SSL/TLS Version
•
•
Use the following steps to change security settings in the ICDM-RX/MOD.
1. Click the Network | Security.
2. Click the appropriate check boxes in the Security Settings page to enable or disable security accordingly.
3. After making changes, you must click Save.
4. You may need to configure security keys or certificates depending on your choices using the next
subsection.
5.4. Keys/Certs Page
For secure operation, the ICDM-RX/MOD uses a set of three keys and certificates. These keys and certificates
are user configurable.
Note: All ICDM-RX/MOD units are shipped from the factory with identical configurations. They all have the
identical self-signed, Pepperl+Fuchs Comtrol Server RSA Certificates, Server RSA Keys, and Server
DH Keys.
For maximum data and access security, you should configure all ICDM-RX/MOD units with custom
certificates and keys.
RSA Key pair used by SSL
and SSH servers
46
Security Settings Page (Continued)
SSLv3.0
TLSv1.0 (default)
TLSv1.1
TLSv1.2
Key and Certificate Management Page
This is a private/public key pair that is used for two purposes:
•
It is used by some cipher suites to encrypt the SSL/TLS handshaking
messages. Possession of the private portion of this key pair allows an
eavesdropper to both decrypt traffic on SSL/TLS connections that use RSA
encryption during handshaking.
•
It is used to sign the Server RSA Certificate in order to verify that the ICDM-
RX/MOD is authorized to use the server RSA identity certificate.
Note: Possession of the private portion of this key pair allows somebody to
pose as the ICDM-RX/MOD.
If the Server RSA Key is to be replaced, a corresponding RSA identity certificate
must also be generated and uploaded or clients are not able to verify the identity
certificate.
Advertisement
Table of Contents
Troubleshooting
Related Manuals for Pepperl+Fuchs ICDM-RX/MOD
Related Products for Pepperl+Fuchs ICDM-RX/MOD
- Pepperl+Fuchs RocketLinx ICRL-U-8M12-G60
- Pepperl+Fuchs ICDM-RX/TCP-DB9/RJ45-PM
- Pepperl+Fuchs ICDM-RX/TCP-DB9/RJ45-PM2
- Pepperl+Fuchs ICDM-RX/TCP-DB9/RJ45-DIN
- Pepperl+Fuchs ICDM-RX/TCP-ST/RJ45-DIN
- Pepperl+Fuchs ICDM-RX/TCP-2DB9/RJ45-DIN
- Pepperl+Fuchs ICDM-RX/TCP-2ST/RJ45-DIN
- Pepperl+Fuchs ICDM-RX/TCP-4DB9/2RJ45-DIN