Configuring ssl certificates, Configuring self-signed certificates – Allied Telesis AT-S60 User Manual

AT-S60 Management Software User’s Guide

Section III: Security Features

337

Configuring SSL Certificates

The high-level configuration procedures included in this section
describe:

❑ Configuring Self-Signed Certificates on page 337

❑ Configuring CA Certificates on page 338

You configure self-signed certificates to create certificates that are used
within your organization, often within your own network. You configure
Certificate Authority (CA) certificates for use over the Internet.

Note

If you are learning to create certificates, Allied Telesyn recommends
you first create a self-signed certificate.

Both of the procedures provided here are high-level procedures that
reference several other chapters within this manual. Both procedures
refer to sections in the following chapters:

❑ Chapter 20: Encryption on page 340

❑ Chapter 21: Public Key Infrastructure (PKI) on page 357

❑ Chapter 22: Secure Sockets Layer (SSL) on page 380

You may want to read the introductory material in the above chapters
for definitions of pertinent terms.

Configuring

Self-Signed

Certificates

To configure a self-signed certificate, perform the following procedure:

1. Login with a Manager login id.

2. Create an RSA key pair for this switch.

To create an RSA key pair, see Configuring Keys for Encryption
on page 347.

3. Set the switch’s distinguished name.

To configure a distinguished name for a switch, see Configuring
Keys for Encryption on page 347.

4. Set the Universal Coordinated Time (UTC).

To set the time, see Setting the System Time on page 52.

5. Create a self-signed certificate for the switch.

To create a PKI certificate without contacting a CA for browsing to
the GUI, see Configuring Certificates on page 364.