SSL Certificates Registry Key
OVERVIEW
A TLS secured communications channel requires both the RSA key pair and a
SSL Certificate. The CERTMGR command may be used to install an externally
generated and signed SSL Certificate that must be associated with the
separately installed RSA key pair. Typically the internally generated key
pair and certificate are sufficient.
A secure connection to the JNIOR may be flagged by browsers as 'NOT SECURE'
or 'UNSAFE'. This is only because the the JNIOR's self-signed Certificate
has not been obtained from any of the approved Certificate Authorities. The
Certificate may be labeled as 'INVALID'. You may rest assured that the
connection is still fully encrypted and 'PRIVATE'.
In the absence of a loaded SSL Certificate, JANOS will generate a certificate
using the current RSA key pair. Registry keys are provided which allow you to
customize the information provided in this certificate. Since self-signed
certificates are not generally recognized as
trusted by browsers, users will
be confronted by a standard warning. The information in the certificate may
be configured so your users may recognize the device and decide on their own
to accept the connection. The default values provide for a fully functional
connection.
The CERTMGR command may also be used to export the internally generated
Certificate. The resulting file may be imported into your computer's Trusted
Certificate Store. With this step the browser, recognizing a now trusted
certificate, will show a secured connection using a symbol such a lock.
SEE ALSO
HELP Topics:
SSL/Cert/C,
RSA_KEYS,
CERTMGR
[/flash/manpages/registry.hlp:1278]