To import an SSL certificate into an Ecessa device it must be contained in a PKCS #12 archive. To create this you will need the private key used to generate the Certificate Signing Request (CSR) and the resulting signed certificate.
Creating a certificate
For this example the private key is a named private.key and the signed certificate is named signed.crt. Those files will be used to create a PKCS #12 archive named bundle.p12 which can then be imported into the Ecessa device.
On a PC with the OpenSSL toolkit installed use the following command to create the archive:
openssl pkcs12 -export -in signed.crt -inkey private.key -out bundle.p12
Importing the certificate
The bundle.p12 file can now be imported into the Ecessa device by navigating to Certificates in the web interface. The Name will be how the certificate is displayed in the Ecessa interface, the Type should be set to PKCS12, and the Choose File button will allow you to select the file.
Changing the SSL certificate used by HTTPS
If it is desired to use the imported certificate instead of the default certificate for HTTPS management access, go to the Services configuration page and then scroll down to the Web Settings section. The imported certificate should be listed in the Web SSL Certificate drop-down menu. Select it and then click the Activate button.
0 Comments