SSL-certificate installation
When working with the device via HTTPS device generates a self-signed certificate. Installation of user certificate is available.
It should be noted that the performance of the device’s web interface is reduced due to the length of the key.
Certificate installation
Creating a self-signed certificate with OpenSSL
Self-signed certificates can be generated with a script:
#!/bin/sh
CERT_PATH="."
CERT_NAME=${CERT_PATH}/"custom"
CERT_SUBJ="/C=SK/ST=Bratislava/L=Bratislava/O=Vutlan s.r.o./OU=IT Department/CN=vutlan.com"
openssl req -new -newkey rsa:2048 -days 365 -nodes -x509 -keyout "${CERT_NAME}.key" -out "${CERT_NAME}.pem" -subj "${CERT_SUBJ}"
Then install files custom.pem
and custom.key
under the certificate installation procedure.
You can install your certificate on the Preferences -> Network page. You must enable HTTPS and upload the key and certificate files.
After clicking the Save button, the settings will be saved and the system will automatically restart with new settings.
Or you can generate a self-signed HTTPS certificate directly in the system if this function is supported. Press the Self-signed certificate -> Generate button and wait for the end of the procedure. The certificate name will be displayed in the appropriate fields. The certificate has a validity of 10 years.
If the certificate files with an error and cannot be used by the system, then the system will use safe settings: port 80, HTTPS is disabled. The log will be a corresponding error message.
Certificate installation for versions 2.5
Creating self-signed certificates by OpenSSL
Self-signed certificates can be generated by:
openssl req -x509 -nodes -days 365 -newkey cert.key -out cert.crt
Then combine with text editor both files cert.key
and cert.crt
in next steps: in the beginning content of cert.key, then the content of cert.crt
. Save a file like custom.pem
, copy it to the USB flash, and put a USB stick to the device USB port.
To install your own certificate file copy it to the USB-flash, rename the file to custom.pem
, and put USB-flash to the device USB port.
After the completion of the exchange (the LED on the USB flash drive and flash off), remove the USB flash and open the web interface over HTTPS.
Commercial certificates
Vutlan systems are fully compatible with commercial certificates provided by trusted Certificate Authorities (CAs).
To use a commercial certificate, ensure the following files are prepared and correctly configured:
Certificate File: | Contains the public certificate issued by the CA (e.g., certificate.crt). |
Key File | Contains the corresponding private key (e.g., private.key). |
Both files must be in PEM format and properly matched. Install these files in the system's certificate directory and configure the certificate and key paths in the system settings.