Digi LR54 User Manual page 830

User authentication
a. For Add Peer certificate, type the name of a trusted peer and click .
b. Paste the public certificate for the trusted peer in PEM format.
c. Repeat for additional trusted peer certificates.
9. Click Apply to save the configuration and apply the change.

Command line
1. Select the device in Remote Manager and click Actions > Open Console, or log into the LR54
local command line as a user with full Admin access rights.
Depending on your device configuration, you may be presented with an Access selection
menu. Type admin to access the Admin CLI.
2. At the command line, type config to enter configuration mode:
> config
(config)>
3. (Optional) Paste a TLS certificate and private key in PEM format:
(config)> auth serial identiy "cert-and-private-key"
(config)>
4. Set the method used to verify the certificate of a remote peer:
(config)> auth serial verify value
(config)>
where value is either:
ca: Uses certificate authorities (CAs) to verify.
n
peer: Uses the remote peer's public certificate to verify.
n
5. By default, peers with certificates that have been signed by standard Certificate Authorities
(CAs) are allowed to authenticate. To disable:
(config)> auth serial ca_standard false
(config)>
6. Add the public certificate for a custom certificate authority:
(config)> add auth serial ca_certs CA-cert-name "cert-and-private-key"
(config)>
where:
CA-cert-name is the name of the certificate for the custom certificate authority.
n
cert-and-private-key is the certificate and private key for the custom certificate
n
authority.
Repeat for additional custom certificate authorities.
7. Save the configuration and apply the change:
(config)> save
Configuration saved.
>
LR54 User Guide
Configure serial authentication
830