beautypg.com

1 tls proxy server, Tls proxy server – Campbell Scientific NL200/NL201 Network Link Interface User Manual

Page 30

background image

NL200/201 Network Link Interface

In order to use TLS, the user must configure the NL200/201 with a user-

supplied TLS Private Key and TLS Certificate. The key and certificate are

loaded using DevConfig.

Using DevConfig, navigate to the Settings Editor tab and then to the TLS tab.

Load the user-supplied, PEM-formatted TLS Private key using the

Set

TLS Key … button. A file dialog will open. Navigate to the key file

and click

Open.

Load the user-supplied, PEM-formatted TLS Certificate using the

Set

TLS Certificate … button. A file dialog will open. Navigate to the

certificate file and click

Open.

Enter the

TLS Private Key Password if the TLS Private Key is

encrypted. Otherwise, leave the setting blank.

After loading the key and certificate, click the

Apply button. The

NL200/201 will reboot. Connect with DevConfig again and navigate

to the Settings Editor tab and then to the TLS tab. The

TLS Status

should say

Initialized.

The TLS Settings described above cannot be edited over a

standard TCP DevConfig link. The TLS Private Key, TLS Private

Key Password and TLS Certificate can only be edited/transmitted

over a secure DevConfig link (USB or TLS).


If the status of the TLS stack is

Initialized, the NL200/201 will

automatically negotiate a secure TLS connection with DevConfig

as long as the

Use IP Connection option is selected.

7.6.1 TLS Proxy Server

A TLS proxy server is a device that acts as a secure intermediary for requests

from clients seeking resources from other servers. A client connects to the

proxy server, requesting some service, such as a file, connection, web page, or

other resource, available from a different server. The proxy server evaluates

the request according to its filtering rules. For example, it may filter traffic by

IP address or protocol. If the request is validated by the filter, the proxy

provides the resource by connecting to the relevant server and requesting the

service on behalf of the client.

When the TLS Proxy Server function is enabled, the NL200/201’s TLS Proxy

Server maintains a secure TLS connection with a remote TLS client and

forwards data onto a datalogger using a standard TCP connection thus enabling

communication with TLS clients. The TLS client can be a web browser using

HTTPS or other user-supplied TLS client. Any other client program that

encrypts a standard TCP connection using TLS may be used to establish a

connection with the NL200/201 TLS Proxy Server and the NL200/201 will

forward unencrypted TCP data to a datalogger. In this way, a remote TLS

client can establish a TLS connection with a datalogger.

NOTE

NOTE

20

See also other documents in the category Campbell Scientific Hardware: