Pepperl+Fuchs ICDM-RX/MOD Manual page 47

ICDM-RX/MOD User Manual
Network Menu
RSA Server Certificate
used by SSL servers
DH Key pair used by SSL
servers
Use the following steps to update security keys and certificates in the ICDM-RX/MOD.
1. Click the Network | Keys/Cert.
2. Click Browse to locate the key or certificate file, highlight the file, and click Open.
3. Click Upload when you return to the Key and Certificate Management page.
The key or certificate notation changes from factory or none to User when the ICDM-RX/MOD is secure.
Note: You do not need to click Save, but changes will not take effect until the ICDM-RX/MOD is rebooted.
Key and Certificate Management Page (Continued)
This is the RSA identity certificate that the ICDM-RX/MOD uses during SSL/TLS
handshaking to identify itself. It is used most frequently by SSL server code in
the ICDM-RX/MOD when clients open connections to the ICDM-RX/MOD's
secure web server or other secure TCP ports.
If a ICDM-RX/MOD serial port configuration is set up to open (as a client) a TCP
connection to another server device, the ICDM-RX/MOD also uses this
certificate to identify itself as an SSL client if requested by the server.
In order to function properly, this certificate must be signed using the Server
RSA Key. This means that the server RSA certificate and server RSA key must
be replaced as a pair.
This is a private/public key pair that is used by some cipher suites to encrypt the
SSL/TLS handshaking messages.
Note: Possession of the private portion of the key pair allows an eavesdropper
to decrypt traffic on SSL/TLS connections that use DH encryption during
handshaking.
47