Verify - Universal Devices ISY-994i User Manual
Home automation
Hide thumbs
Also See for ISY-994i:
- User manual (90 pages) ,
- Quick setup manual (3 pages) ,
- User manual (20 pages)
Table of Contents
Advertisement
o TLS_RSA_WITH_AES_256_SHA,
o TLS_RSA_WITH_AES_128_SHA2,
o TLS_RSA_WITH_AES_128_SHA,
21.6.1.6Verify
Whether or not client/server authentication should be performed on the peer:
• The certificate must be valid
• The certificate must be signed by a CA (see #d. CA Certificates), through a certificate
path, which is known to ISY
Care should be taken when Verify is checked for Server Settings. In this case, all clients
(including browsers and mobile devices) must provide ISY with a valid certificate. This
might not be optimal in normal operations since most browsers/mobile devices do not
offer any certificates and thus ISY may not be reachable over HTTPS.
Care should also be taken when Verify is checked for Client Settings. In this case all
communications initiated from ISY to external HTTPS resources shall be validated. This
might cause problems with Portals (such as MobiLinc) and Network resources which
communicate with devices that do not have valid certificates. This may also interfere with
SMTP operations that require TLS.
In short – and unless you have explicit requirements, such as OpenADR – then it's best to
keep Verify unchecked.
21.6.1.7CA Certificates
In order for Verify (Client/Server Authentication) to work, you will need to import
Certificate Authority signing certificates into ISY.
Please note that if you would like to support a certificate that goes through a chain to reach
the root signing certificate, then you must import all the certificates in the chain and all the
way up to the root.
To import CA Certificates, click on the CA Certificates button and then click on Import to
import CA certificates (see below).
Page | 564
Advertisement
Table of Contents
Troubleshooting
