User Tools

Site Tools


serts50

Certificates.

The “Certificates” module is placed in the “Security” menu. This module is designed to manage certificates that are used to establish secure SSL / TLS client-server connections.

Learn more about SSL/TLS: https://en.wikipedia.org/wiki/Transport_Layer_Security

Created certificates can be used both in ICS CUBE and in other programs.

At the first installation of ICS CUBE the final certificates for the WEB interface (“Autogenerated GUI”), telephony (“Autogenerated Asterisk”) and mail (“Autogenerated MailServer”) are automatically created.

A list of certificates shows as a tree, and the module is divided into columns which contain a general information about the certificates: name, certificate type, private key status (encrypted or not encrypted), certificates data create and expiry date and the host name or address.

The “Add” button allows to create a new certificate. The “Delete” button allows to delete a created certificate. The “Export” button allows to export a created certificate. The “Import” button allows to import another certificate. The “View certificate” button displays certificate data.

Adding certificate.

Press the “Add” button for adding a new certificate.

On the “General” tab you need to specify certificate data: name of certificate, country code, address (city and region), organization, e-mail, host name or address.

On the “Settings” tab you need to specify certificate type (CA or final certificate), algorithm and encryption type, certificate expiry time and the key length in bits.

The “Key usage” tab allows to choose a template from the list or set it up it the “Key usage” and “Extended key usage” sections.

On the “Netscape” tab allows to specify the key for compatibility with older Netscape applications (released prior to the adoption of the X.509 v3 standard).

After press the “Add” button you will need to check the box “Encrypt private key with password” and specify a password or check the box “Do not encrypt private key”.

Note 1: not encrypted certificates is applied to ICS CUBE service.

Note 2: CA certificate always must be created previously the child final certificates. Only the final certificates is applied to ICS CUBE services (except the SSL-filtration). Incorrect applying of certificate to modules can make them not available for users.

Deleting certificates.

For deleting certificate you need to choose corresponded certificate and press the “Delete” button. The Ctrl key allows you to choose a few certificates.

The next message will displaying if this certificate is applied to any service of ICS CUBE:

Import / Export of certificates.

The “Import” button allows to import certificates.

On the “Certificate” field you need to upload file with certificate. On the “Certificate key” field you need to upload file with key.

For import certificate in PKCS12 format you should upload a corresponded file in the “Certificate” field and specify a password in the “Password of certificate in PKCS 12 format” field.

For certificate export you should press the “Export” button and select a needed option:

View certificate.

To view a certificate data you should select needed certificate from the list and press the “View certificate” button:

serts50.txt · Last modified: 2020/03/31 15:21 by zog