internet access certificate

[jkraus]

I have my isy port forwarded and using dyndns to give me a fixed ip for login remotely, and all works fine, I can logon securely (https at port 443) and unsecure at port 8o with http. However when I run either one from PC on my network just to try it when I go to the admin consol and log on it gives message to disble internet or get new certificate, neither one does anything. If I say get new certifcate it goes to another admin consol log on with nothing there, in either case if I just closebthe messge everything works fine. What is going on? and is it necessary to log on securely (https port 443) or not, as this is an are I am not expert on>

Thx

Joe

[Michel Kohanim]

Hi Joe,

 

You cannot install a certificate remotely. You have to do it when you are local to ISY.

 

It's up to you to decide whether or not you want to install a new certificate. All ISYs come with default certificates out of factory which is not going to be very secure. It's best to install your own certificate and make sure to use only port 443.

 

With kind regards,

Michel

[jkraus]

thanks Mitchel

 

I dont really understand the concept of certificates but I like to learn. In any case when I select "manage my certificates" form the admin Consol from local PC it goes to another admin consol and has me log in again so I do then the admin consol is blank. So I am at a loss of what to do next

Joe

[jkraus]

Ok now I see how when I get to the blank consol how to add a new certificate. So I did so but i have no idea what I did or what effect it has, sorry for the lack of knowledge in this area

[Michel Kohanim]

Hi Joe:

 

http://www.universal-devices.com/mwiki/ ... ertificate

 

With kind regards,

Michel

[jkraus]

Thanks michel

Yes I found this between my second and third post, so thanks for the help. I have no idea why installing a new certificate increases my security since log on is the same but I guess I need to do some reading

Thx

Joe

[Michel Kohanim]

Hi Joe,

 

1. HTTPS (not HTTP) enforces encryption on all traffic between the browser and ISY. So, no one without a KEY would be able to decrypt the traffic

2. Certificate is like a decryption key for the browser. By having your own unique certificate it means that you have your own unique decryption key

 

With kind regards,

Michel

[aLf]

So how do you you get a certificate and how uch do they cost?

 

aLf

[Sub-Routine]

Hi aLf,

 

The certificates do not cost anything but you will have to accept the certificate from every browser you use to access the ISY.

 

See Michel's link above: ISY-99i/ISY-26_INSTEON:Remotely_Connect_to_Your_ISY#Creating_an_ISY_Self_Signed_Certificate

 

Rand

 

So how do you you get a certificate and how uch do they cost?

 

aLf

[jtara92101]

I am having the same problem as the original poster. I think others have misunderstood just what he is reporting.

 

I have an expired certificate. When I attempted to create a new one, I get a new browser window. The title of the window is "My ISY Certificate Manager".

 

The problem is that the Java applet never opens. I get a screen that says "Universal Devices" "Please keep this window Open". There's a gray box, and the status bar says "Start: applet not initialized".

 

It just sits there forever with the gray box.

 

Note that I'm running the stand-alone desktop Java application, admin.jnlp. So, I'm kinda surprised that it opened a browser window.

 

I am NOT accessing it remotely, but from my local LAN.

 

The problem is that the certificate manager never starts.

[Michel Kohanim]

jtara92101,

 

Please upgrade to 2.8.10 and MAKE SURE you using 2.8.10 URLs (http://your.isy.ip.address/admin or admin.jnlp or http://www.universal-devices.com/99i/2.8.10/ or http://www.universal-devices.com/99i/2.8.10/admin.jnlp ).

 

With kind regards,

Michel