Perle Systems Iolan Sds4 Hl Device Server 4030370 User Manual
259
Keys and Certificates
Keys and Certificates
When you are using SSH, SSL/TLS, LDAP/Microsoft Active Directory, or HTTPS, you will need to
install keys and/or certificates or get server keys in order to make those options work properly. All
certificates need to be created and all keys need to be generated outside of the IOLAN, with the
exception of the IOLAN SSH Public keys, which already exist in the IOLAN. SSH keys must be
generated using the OpenSSH format.
Certificate Authorities (CAs) such as Verisign, COST, GTE CyberTrust, etc. can issue certificates. Or,
you can create a RSA or DSA self-signed certificate using a utility such as OpenSSL.
To download or keys, a certificate, or a CA list or to upload the IOLAN public SSH key, select
install keys and/or certificates or get server keys in order to make those options work properly. All
certificates need to be created and all keys need to be generated outside of the IOLAN, with the
exception of the IOLAN SSH Public keys, which already exist in the IOLAN. SSH keys must be
generated using the OpenSSH format.
Certificate Authorities (CAs) such as Verisign, COST, GTE CyberTrust, etc. can issue certificates. Or,
you can create a RSA or DSA self-signed certificate using a utility such as OpenSSL.
To download or keys, a certificate, or a CA list or to upload the IOLAN public SSH key, select
Tools
,
Advanced
,
Keys and Certificates
.
The following fields are available:
Key / Certificate
Select the key or certificate that you want to download to the IOLAN or upload
the Management Module’s SSH Public Key.
Data Options:
Data Options:
z
Upload Server SSH Public Key, used for SSH management access
z
Download SSH User Public Key, used for SSH management access
z
Download SSL/TLS Private Key, required if using HTTPS and/or
SSL/TLS
z
Download SSL/TLS Certificate, required if using HTTPS and/or
SSL/TLS
SSL/TLS
z
Download SSL/TLS CA, required if using LDAP/Microsoft Active
Directory with TLS, SSL/TLS, and/or X.509 certificate authentication for
an IPsec tunnel
an IPsec tunnel
z
Download NTP/SNTP Keys File, required if using NTP/SNTP server
authentication
File Name
The file that you are going to download/upload to/from the IOLAN via TFTP.
Key Type
Specify the type of authentication that will be used for the SSH session. The
following list details the keys that support each key type.
Data Options:
following list details the keys that support each key type.
Data Options:
z
RSA—Server SSH Public Key, SSH User Public Key, SSH User Private
Key, SSH Host Public Key
Key, SSH Host Public Key
z
DSA—Server SSH Public Key, SSH User Public Key, SSH User Private
Key, SSH Host Public Key
User Name
v
The name of the user for whom you are downloading the
SSH User Public
or
Private Key
to the IOLAN.