Cisco Systems OL-25712-04 Security Camera User Manual

Open as PDF

of 768

to 2048 bits. In general, a longer key is more secure than a shorter key. Cisco UCS Manager provides a default

key ring with an initial 1024-bit key pair, and allows you to create additional key rings.

The default key ring certificate must be manually regenerated if the cluster name changes or the certificate

expires.

This operation is only available in the UCS Manager CLI.

Certificates

To prepare for secure communications, two devices first exchange their digital certificates. A certificate is a

file containing a device's public key along with signed information about the device's identity. To merely

support encrypted communications, a device can generate its own key pair and its own self-signed certificate.

When a remote user connects to a device that presents a self-signed certificate, the user has no easy method

to verify the identity of the device, and the user's browser will initially display an authentication warning. By

default, Cisco UCS Manager contains a built-in self-signed certificate containing the public key from the

default key ring.

Trusted Points

To provide stronger authentication for Cisco UCS Manager, you can obtain and install a third-party certificate

from a trusted source, or trusted point, that affirms the identity of your device. The third-party certificate is

signed by the issuing trusted point, which can be a root certificate authority (CA) or an intermediate CA or

trust anchor that is part of a trust chain that leads to a root CA. To obtain a new certificate, you must generate

a certificate request through Cisco UCS Manager and submit the request to a trusted point.

The certificate must be in Base64 encoded X.509 (CER) format.Important

Creating a Key Ring

Cisco UCS Manager supports a maximum of 8 key rings, including the default key ring.

Procedure

Step 1

In the Navigation pane, click the Admin tab.

Step 2

On the Admin tab, expand All > Key Management.

Step 3

Right-click Key Management and choose Create Key Ring.

Step 4

In the Create Key Ring dialog box, do the following:

a) In the Name field, enter a unique name for the key ring.

b) In the Modulus field, select one of the following radio buttons to specify the SSL key length in bits:

• Mod512

• Mod1024

• Mod1536

• Mod2048

Cisco UCS Manager GUI Configuration Guide, Release 2.0

116 OL-25712-04

Configuring HTTPS

previous next

Top Automotive Device Types

Top Automotive Brands

Top Baby Care Device Types

Top Baby Care Brands

Top Car Audio & Video Device Types

Top Car Audio & Video Brands

Top Cellphone Device Types

Top Cellphone Brands

Top Communications Device Types

Top Communications Brands

Top Computer Device Types

Top Computer Brands

Top Fitness Device Types

Top Fitness Brands

Top Home Audio Device Types

Top Home Audio Brands

Top Household Appliance Device Types

Top Household Appliance Brands

Top Kitchen Appliance Device Types

Top Kitchen Appliance Brands

Top Laundry Appliance Device Types

Top Laundry Appliance Brands

Top Lawn & Garden Device Types

Top Lawn & Garden Brands

Top Marine Equipment Device Types

Top Marine Equipment Brands

Top Musical Instrument Device Types

Top Musical Instrument Brands

Top Outdoor Cooking Device Types

Top Outdoor Cooking Brands

Top Personal Care Device Types

Top Personal Care Brands

Top Photography Device Types

Top Photography Brands

Top Portable Media Device Types

Top Portable Media Brands

Top Power Tools Device Types

Top Power Tools Brands

Top TV and Video Device Types

Top TV and Video Brands

Top Videogame Device Types

Top Videogame Brands

Cisco Systems OL-25712-04 Security Camera User Manual