Security Settings


#1

The goal is to have https: on the admin page.
on my local laptop i created a csr, and key, our ograization uses the csr to generate a .pem (crt) file.

After uploading a .crt and .key files, i press apply and get an error.
how can i trouble shoot where this is going wrong,

Also, i see in the logs that the device has a name that has the serial number in it.
i’ve put the intnernal DNS name for the device in the name field.

i’ve used that name to generate the certificate, for example:
in the logs i see the name PLTTSK102356L, the device recives a DHCP address with the hostname being (example) MYHOST.domain.com (where domain.com, is our internal company domain name)


#2

Hello,

The certificate format that Pearls use can be found via these links:

https://httpd.apache.org/docs/current/mod/mod_ssl.html#sslcertificatefile

https://httpd.apache.org/docs/current/mod/mod_ssl.html#sslcertificatekeyfile

This also apply to certificates that we would use for use with 802.1x authentication of Pearl. 802.1x is done by wpa_supplicant.

Taken from main page:

wpa_supplicant supports X.509 certificates in PEM and DER formats. User certificate and private key can be included in the same file.

If the user certificate and private key is received in PKCS#12/PFX format, they need to be converted to suitable PEM/DER format for wpa_supplicant.


#3

Hello Adam, we’re still having issues with the certificates not taking in the vast majority of our encoders, when i press the apply button and error appears, on two of the encoders the error appears, but after reboot i see they have been installed, so i have two out of 14 that work.
I have worked with our certificate team to see what can be done, we’ve recreated all the certificates according to the documentation listed above. I’d preferre not to RMA all these encoders, but our security team here at work says we can not use these unless we can get this operational.
The fact that two of them work is cool, but i need all of them to work. Isn’t there some logging or more detailed error description somewhere on the machine, just the word ‘Error’ doen’t cut it.
What can i do to get this to work, it has to be soon.


#4

Hi Bruce,

Sorry to hear about this. I can see in our system that you have an on-going ticket with my colleague who has responded with a request for more information and details in order to consult with the development and QA teams. It would be best if you could continue troubleshooting the issue with him through our support ticket system.

Best regards,

  • Adam