Chapter 8: Security Management152SSL CertificatesThe KX II-101-V2 uses the Secure Socket Layer (SSL) protocol for anyencrypted network traffic between itself and a connected client. Whenestablishing a connection, the KX II-101-V2 has to identify itself to aclient using a cryptographic certificate.It is possible to generate a Certificate Signing Request (CSR) and installa certificate signed by the Certificate Authority (CA) on the KX II-101-V2.The CA verifies the identity of the originator of the CSR. The CA thenreturns a certificate containing its signature to the originator. Thecertificate, bearing the signature of the well-known CA, is used to vouchfor the identity of the presenter of the certificate.Important: Make sure your KX II-101-V2 date/time is set correctly.When a self-signed certificate is created, the KX II-101-V2 date and timeare used to calculate the validity period. If the KX II-101-V2 date andtime are not accurate, the certificate's valid from - to date range may beincorrect, causing certificate validation to fail. See ConfiguringDate/Time Settings (on page 117).Note: The CSR must be generated on the KX II-101-V2.Note: When upgrading firmware, the active certificate and CSR are notreplaced.To create and install a SSL certificate:1. Select Security > Certificate.2. Complete the following fields:a. Common name - The network name of the KX II-101-V2 once itis installed on your network (usually the fully qualified domainname). The common name is identical to the name used toaccess the KX II-101-V2 with a web browser, but without theprefix “http://”. In case the name given here and the actualnetwork name differ, the browser displays a security warningwhen the KX II-101-V2 is accessed using HTTPS.b. Organizational unit - This field is used for specifying to whichdepartment within an organization the KX II-101-V2 belongs.c. Organization - The name of the organization to which the KX II-101-V2 belongs.d. Locality/City - The city where the organization is located.e. State/Province - The state or province where the organization islocated.
