Using secured socket layers, Introduction to ssl certificates, Server certificates – Dell PowerVault 715N (Rackmount NAS Appliance) User Manual
Page 72: Powervault 715n certificate, Using a custom certificate
Migrate the pilot group of users and their files (adapt instructions from the migration steps provided in the
"
" section). Get the pilot group's feedback, and then set a schedule to migrate additional
groups of users, according to the priorities you have established.
Migrate the rest of the users as appropriate (for example, if you migrate the set of applications they use, it is
time to migrate them as well).
For more information, see the Novell website at http://support.novell.com/servlet/Knowledgebase and the
Windows 2000 website at http://www.microsoft.com/windows2000.
Using Secured Socket Layers
This section explains how secured socket layers (SSL) are used in the NAS appliance. It also explains how to use your own
certificate, if you have one, and how to regenerate your certificate.
Introduction to SSL Certificates
Certificates contain information that is used to establish system identities over a network. This identification process is
called authentication. Although authentication is similar to conventional forms of identification, certificates enable Web
servers and users to authenticate each other before establishing a connection to create more secure communications.
Certificates also contain encryption values, or keys, that are used in establishing a Secure Sockets Layer (SSL) connection
between the client and server. Information, such as a credit card number, sent over this connection is encrypted so that it
cannot be intercepted and used by unauthorized parties.
Two types of certificates are used in SSL. Each type has its own format and purpose. Client certificates contain personal
information about the clients requesting access to your site, which allows you to positively identify them before allowing
them access to the site. Server certificates contain information about the server, which allows the client to positively
identify the server before sharing sensitive information.
Server Certificates
To activate your Web server's SSL 3.0 security features, you must obtain and install a valid server certificate. Server
certificates are digital identifications containing information about your Web server and the organization sponsoring the
server's Web content. A server certificate enables users to authenticate your server, check the validity of Web content,
and establish a secure connection. The server certificate also contains a public key, which is used in creating a secure
connection between the client and server.
The success of a server certificate as a means of identification depends on whether the user trusts the validity of
information contained in the certificate. For example, a user logging on to your company's website might be hesitant to
provide credit card information, despite having viewed the contents of your company's server certificate. This might be
especially true if your company is new and not well known.
For this reason, certificates are sometimes issued and endorsed by a mutually trusted, third-party organization, called a
certification authority (CA). The certification authority's primary responsibility is confirming the identity of those seeking a
certificate, thus ensuring the validity of the identification information contained in the certificate.
Alternatively, depending on your organization's relationship with its website users, you can issue your own server
certificates. For example, in the case of a large corporate intranet handling employee payroll and benefits information,
corporate management might decide to maintain a certificate server, and assume responsibility for validating identification
information and issuing server certificates. For more information, see "
Obtaining a Server Certificate From a Certification
PowerVault 715N Certificate
By default, the PowerVault 715N has a self-generated and self-signed certificate. The configured SSL port is 1279.
NOTE:
For non-SSL communication, use port 1278. This port is not a secure port and all text is sent in plain text
over the network.
Using a Custom Certificate
If a CA is present in the network, the administrator can choose to change the default PowerVault 715N certificate. The
administrator must use the wizards to first request a certificate, and then apply it to the appliance.