Table of Contents
Advertisement
Chapter 4
Using Scripts to Create SSL Certificates
Figure 1: Scenario 1
1. Root Certificate Authority (CA)
1.
Navigate to the RCKeyGen folder on the script machine and open the file config.txt in a text editor.
NOTE
Do not use the default parameters provided in the config.txt file. They are provided as an
example only.
Make sure CREATE_ROOTCA equals 1.
2.
3.
Update the other parameters with relevant values.
4.
Save and close the file.
5.
Open the file device_data.txt in a text editor and replace the current content with a list of addresses
(one per line) for devices for which certificates are to be generated. The script will take the list of addresses
and use them as the Common Name parameter in the Distinguished name field (i.e. the Subject Identifier in
an X.509 certificate). The script can take both IP addresses and DNS names for the switches. The list must
have some addresses for the script to generate certificates.
NOTE
Setting the Common Name (IP address/DNS address) correctly will make sure browsers do not
complain about the certificate Common Name not matching the URL. The switch will also have
to be accessed using the DNS name or the IP address that was provided in device_data.txt.
Configuring an IP address for the Common Name and then accessing the unit with a DNS name
(or vice versa) will cause the browser to complain.
6.
Save and close the file.
NOTE
For Windows XP, scripts should be launched through the command prompt in the same order as
described in this procedure.
8
1
3
2. Certificate
3. ROS/ROX Devices
2
Scenario 1: The Machine Hosting the Scripts Becomes
RUGGEDCOM
Application Note
the Root CA
- Quick Links:
- Introduction
Hide quick links:
Advertisement
Table of Contents
