Jump to content

How do I generate and install a self signed certificate

mitch236

By mitch236
in ISY994

Recommended Posts

  • 2 weeks later...
paauto Member

paauto

Posted
Posted

I too am trying to figure out the self signed cert process. It seems that even after creating a self signed cert and adding it to my remote computer's Trust Cert folder I continue to get the warning message. I am directing my remote computer's browser to the old (99i) address. Do I need to direct it to a different suffix? Presetnly I am using https://mydnsalias:secure port number. Is this the problem? Is the old admin counsel obsolete and replaced with the new one? The old one seems to work fine.

Michel Kohanim Wise Elder

Michel Kohanim

Posted
Posted

Hi paauto,

 

The domain name (or IP address) for ISY must be identical to the common name that you have used for the certificate. If not, then regardless of what you do with the trust center in your computer, you will get that warning.

 

With kind regards,

Michel

paauto Member

paauto

Posted
Posted

Where do I find the "common name" for the certificate? I self created a certificate with an issuer and host name of 192.168.1.104 (i.e. the IP address of the 994 on my network). The https port I use (with port fowarding) is 6700. The URL I use to remotely access is:

 

https://XXX.dnsalias.org:6700/web/index.htm (where XXX is my alias name, redacted for this forum).

 

I think what you are instructing is the URL has to match something in the certificate. If so, what in the certificate?

 

Thank you.

paauto Member

paauto

Posted
Posted

Thanks Michael. Apologies for being a bit dense, but should I then insert XXX.dnsalias.org as the Host Name when I create the certificate? Also, does it matter what I input as Org., Org. Unit, Locality, State and Country or should I use the values in the example on page 8 of the guide? I did use Key Strength 2048.

 

Thank you.

sk8er02 Newbie

sk8er02

Posted
Posted
Hi mitch236,

 

This is a zip file. If you don't mind, you can send me your zip file and I can take a look ... please note that this is not secure since I will have access to your certificate. My email is support@universal-devices.com .

 

With kind regards,

Michel

 

What ended up being the solution to this? I've requested a certificate from GoDaddy but after I install it, I'm not able to access the ISY 99i Pro through the secure URL. And the external domain listed under about is just my IP address.

 

The certificate I'm installing looks somewhat like this, it's from a file from GoDaddy called gd_bundle.crt

 

-----BEGIN CERTIFICATE-----

(a bunch of characters)

-----END CERTIFICATE-----

-----BEGIN CERTIFICATE-----

(a bunch of characters)

-----END CERTIFICATE-----

sk8er02 Newbie

sk8er02

Posted
Posted
Hi sk8er02,

 

GoDaddy allows two different certificate issuers. One is GoDaddy and the other is Starfield. Please choose Starfield instead of GoDaddy as the issuer and retry.

 

With kind regards,

Michel

 

Thanks! I'll give it a try tonight. Am I using the right option? I'm choosing "other" and using the "bundle" file that it gives. I'm getting the same options as Mitch in his screen shot earlier in this thread.

Guest
This topic is now closed to further replies.
Go to topic listing

  • Recently Browsing

    • No registered users viewing this page.

  • Who's Online (See full list)

  • Forum Statistics

    • Total Topics
      37k
    • Total Posts
      371.5k
×
×
  • Create New...