Download Certificate; Configuration - D-Link DGS-3024 Manual

Managed 24-port gigabit ethernet switch

Hide thumbs Also See for DGS-3024:

Manual (208 pages)

User manual (145 pages)

Command line interface reference manual (139 pages)

Table Of Contents

100

101

102

103

104

105

106

107

108

109

110

111

112

113

114

115

116

117

118

119

120

121

122

123

124

125

126

127

128

129

130

131

132

133

134

135

136

137

138

139

140

141

142

143

144

145

146

147

148

149

150

151

152

153

154

155

156

157

158

159

160

161

162

163

164

165

166

167

168

169

170

171

172

173

174

175

176

177

178

179

180

page of 180

/ 180
Contents
Table of Contents
Bookmarks

Table of Contents

3. Hash Algorithm: This part of the ciphersuite allows the user to choose a message digest function which will

determine a Message Authentication Code. This Message Authentication Code will be encrypted with a sent

message to provide integrity and prevent against replay attacks. The Switch supports two hash algorithms, MD5

(Message Digest 5) and SHA (Secure Hash Algorithm).

These three parameters are uniquely assembled in four choices on the Switch to create a three-layered encryption code for

secure communication between the server and the host. The user may implement any one or combination of the ciphersuites

available, yet different ciphersuites will affect the security level and the performance of the secured connection. The

information included in the ciphersuites is not included with the Switch and requires downloading from a third source in a

file form called a certificate. This function of the Switch cannot be executed without the presence and implementation of

the certificate file and can be downloaded to the Switch by utilizing a TFTP server. The Switch supports SSLv3. Other

versions of SSL may not be compatible with this Switch and may cause problems upon authentication and transfer of

messages from client to host.

Download Certificate

This window is used to download a certificate file for the SSL function on the Switch from a TFTP server. The certificate

file is a data record used for authenticating devices on the network. It contains information on the owner, keys for

authentication and digital signatures. Both the server and the client must have consistent certificate files for optimal use of

the SSL function. The Switch only supports certificate files with .der file extensions. Currently, all members of the xStack

family come with a certificate pre-loaded though the user may need to download more, depending on user circumstances.

To view the following window, click Security > Secure Socket Layer (SSL) > Download Certificate:

To download certificates, set the following parameters and click Apply.

Parameter

Server IP

Certificate File Name

Key File Name

Click Apply to implement changes made.

Configuration

This window will allow the user to enable SSL on the Switch and implement any one or combination of listed ciphersuites

on the Switch. A ciphersuite is a security string that determines the exact cryptographic parameters, specific encryption

algorithms and key sizes to be used for an authentication session. The Switch possesses four possible ciphersuites for the

DGS-3024 Gigabit Ethernet Switch Manual

Figure 8- 2. Download Certificate window

Description

Enter the IP address of the TFTP server where the certificate files are located.

Enter the path and the filename of the certificate file to download. This file must have

a .der extension. (Ex. c:/cert.der)

Enter the path and the filename of the key file to download. This file must have a .der

extension (Ex. c:/pkey.der)

Table of Contents

Download Certificate; Configuration - D-Link DGS-3024 Manual

Download Certificate

Configuration

Related Manuals for D-Link DGS-3024

Related Content for D-Link DGS-3024

Table of Contents