The console server uses the Secure Socket Layer (SSL) to secure traffic between itself and a connected user. When establishing this connection the console server exposes its identity to the user’s browser using a cryptographic certificate.
The default certificate that comes with the console server upon delivery is for testing purpose only. So when you first browse to the console server (https:// ip address) your browser will respond with a message that the certificate is "untrusted". Initially you'll need to direct your browser to (temporarily) proceed and accept this untrusted certificate. However it is recommended you generate and install a new certificate - that is certified and unique for your particular console server.
The console server can generate a new cryptographic key and the associated Certificate Signing Request (CSR) that you will then need to have certified by a Certification Authority (CA). A certification authority verifies that you are the person who you claim you are, and they will sign and issue an SSL certificate to you.
- Select System: SSL Certificates
- Enter data for the Common Name, Organizational Unit, Organization, Locality/City, State/Province, Country, Email, Challenge Password and Key length
- Click Generate CSR and when generated Download the CSR to your machine
- The temporary CSR and private key is store in
/etc/config/pending.pem (private key)
Next step is to send the saved CSR string off to a Certification Authority (CA) for certification. You will get the new certificate back from the CA (after a more or less complicated traditional authentication process depending on the CA) - and you can thenUpload it to the console server.
After these steps are completed your console server will have its own trusted certificate and you should no longer receive warnings from your browser:)