C2G 52064 Single Port KVM over IP User Manual

Single Port KVM over IP

67 / 88

6.6.4 Certificate

Figure 6-28. Certificate Settings

The IP-KVM switch uses the Secure Socket Layer (SSL) protocol for any
encrypted network traffic between itself and a connected client. During the
connection establishment the IP-KVM switch has to expose its identity to a client
using a cryptographic certificate. The default certificate comes with IP-KVM device
upon delivery is for testing purpose only. System administrator should not rely on
this default certificate as the secured global access mechanism through Internet.

However, it is possible to generate and install a new base64 X.509 certificate that
is unique for a particular IP-KVM switch. In order to do that, the IP-KVM switch is
able to generate a new cryptographic key and the associated Certificate Signing
Request (CSR) that needs to be certified by a certification authority (CA). A
certification authority verifies that you are the person who you claim you are, and
signs and issues a SSL certificate to you.

The following steps are necessary to create and install a SSL certificate for the
IP-KVM switch:

• Create a SSL Certificate Signing Request using the panel shown in Figure 6-28.

You need to fill out a number of fields that are explained below. Once this is
done, click on the button “Create” which will initiate the Certificate Signing
Request generation. The CSR can be downloaded to your administration
machine with the “Download CSR” button (see Figure 6-29).

• Send the saved CSR string to a CA for certification. You will get the new

certificate from the CA after a more or less complicated traditional authentication
process (depending on the CA).

• Upload the certificate to the IP-KVM switch using the “Upload” button as shown

in Figure 6-29

.