![]() For the procedure of installing a certificate in your product, please see the product manual.If more advanced security is required, the Certificate Authority services such as VeriSign must be used. The self-signed certificate created based on the procedure provided in this document can be used for testing purposes in a closed network, or for applications within the internal LAN environment.Note that creating an SSL Certificate is out of Cisco's support range, and that it needs to be created at the customer's own responsibility. The procedure provided in this document is intended as a sample.> openssl x509 -req -in example.csr -CA CA.cer -CAkey CA.key -set_serial 01 -out example.cerĪ self-signed certificate, "example.cer", is generated by this command. Sign the certificate using the Certificate Authority. The option at the end specifies the duration (days) of the certificate.ĥ. Install the generated certificate in the browser with which you access the WebUI of the product concerned. You are prompted to enter some items in a similar way to Step 2 above. > openssl req -new -x509 -key CA.key -out CA.cer -days 365 Generate a root certificate for the Certificate Authority. > openssl genrsa -des3 -out CA.key 2048Ĥ. Generate an RSA key pair for the Certificate Authority. Specify the host name or IP address for the product concerned for the "Common Name" field.ģ. Generate a Self-Signed Certificate with OpenSSL Create a folder to hold the generated certificate: mkdir certificates Change the current directory to the. ![]() When you execute this command, you are prompted to enter some items. > openssl req -new -key example.key -out example.csr Create a certificate for signing in the request to be sent to the Certificate Authority. The example.key is encrypted, which requires you to enter the password at the prompt when you generate the file.Ģ. Generate an RSA key pair using the following command: > openssl genrsa -des3 -out example.key 2048Ī sample file, "example.key", containing the public key and the private key is generated by this command.Ĭisco recommends, for security reasons, to use a key length of at least 2048 bits (specified with the option at the end). OpenSSL for Windows can be downloaded at the following URL:ġ. OpenSSL is available with Linux and UNIX by default for most cases. This document introduces an example procedure for creating a self-signed certificate using OpenSSL. The customer is expected to create a new certificate by themselves when the installed certificate has expired. The default self-signed certificate, pre-installed at the time of product shipment, is available. An SSL Certificate is required when you access the WebUI of the Cisco TelePresence product through HTTPS.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |