Sony BRC-X400 Operating Instructions Manual page 79

802.1X
Enable
Select the checkbox to enable the 802.1X
authentication function.
Setting
EAP identify
Enter the user name to identify the client in the
802.1X authentication server up to 250 characters.
EAP password
Enter a supplicant EAP password which is required
when PEAP is selected with EAP mode. The
password can be half-width letters and the length
should be within 50 characters.
Reset
To change the once set EAP password, click [Reset]
and clear the current password. A new password can
be entered.
Note
Click [Cancel] at the bottom of the menu if you want
to cancel changing the EAP password after clicking
[Reset]. Doing so restores the other setting items to
the previous settings.
EAP method
You can select the authentication method used with
the authentication server. This camera supports TLS
and PEAP.
[TLS]: By this method, the supplicant and the server
authenticate each other using a certificate.
This enables secure port authentication.
[PEAP]: By this method, an EAP password is used for
the supplicant authentication and a
certificate is used for server authentication.
Client certificate
When TLS is selected as the EAP method, the
client certificate is imported, displayed or
deleted for the camera authentication.
To import the client certificate
Click [Choose File] to select the client certificate to
be imported. The selected client certificate is
imported to the camera.
Note
The import process becomes invalid if the selected
file is not a client certificate or the imported client
certificate is not allowed.
To display client certificate information
When the client certificate has been set in the
camera correctly, its information appears on
[Status], [Issuer DN], [Subject DN], [Available period]
and [Extended key usage].
Status
Shows if the status of the client certificate is valid or
invalid. The following statuses are recognized.
[Valid]: The client certificate is correctly stored and
set.
[Invalid]: The client certificate is not correctly stored
and set. Possible causes are as follows:
– The private key password included in the
client certificate is not specified correctly.
– The private key password is specified in
spite of the fact that the key pair in the
client certificate is not encrypted.
– The key pair is not included in the client
certificate.
Note
When the client certificate to be imported is of
PKCS#12 format and the private key password is not
set correctly, "<Put correct private key password>" is
displayed in the boxes of [Issuer DN], [Subject DN],
[Available period] and [Extended key usage]. Specify
the correct private key password to confirm the
information of the certificate.
To delete the client certificate
Click [Delete] to delete the client certificate stored in
the camera.
Private key password
Enter the password for the private key information
included in client certificate using up to 50
characters.
Leave the text box blank if the private key
information included in the client certificate is not
encrypted.
If a private key password is already set, it is
displayed as turned letters.
Reset
To change the once set private key password, click
[Reset] and clear the current password. A new
password can be entered.
Note
Click at the bottom of the menu if you
want to cancel changing the private key password
after clicking [Reset]. Doing so restores the other
setting items in the Client certificate tab to the
previous settings.
79