AKCP SEC+ Product Manual page 74

SEC+ and L-DCIM Product Manual
HTTPS
The HTTPS port is always enabled. You can change its listening port, if necessary.
On the SP+ family, the HTTPS supports TLS v1.1 and v1.2.
The HTTPS cypher suites are not customizable.
To eliminate browser warnings about the self-signed SSL certificate, you'll need to replace it.
Using the "Upload Certificate File" option you can upload an SSL certificate that will be used by the
unit's Web UI for HTTPS connection (see below).
SSL Certificate
SSL certificates are generated for DNS host names and not IP addresses. You should set a host
name for the SP+ unit in your local DNS server or DHCP server, and then generate the SSL
certificate for that host name.
Example: secplus.mycompany.org
The unit's default DNS host name is "secplus" but you can customize this.
Wildcard SSL certificates should also work, but this hasn't been tested.
If the name doesn't match with the one in the certificate, the browser will still show a security warning.
You can purchase a certificate from a trusted, verified Certificate Authority such as GoDaddy or use
your company's own CA if you have one.
Please note that only non-password protected certificate files are supported.
Choose your file with the Browse button and press Upload:
Then you'll be asked to restart the APS service in order to proceed with the new certificate:
- 74 -