Custom TLS/SSL Certificate

Hint

  • TLS (the successor of SSL) is the only secure protocol that is used, but in combination with certificates the term SSL is still used very often.
  • Basic knowledge about TLS-certificates is required, this document expects a certain level of familiarity with TLS and X.509.
  • The IAC-BOX does only support PEM certificates, DER certificates have to be converted.
  • The key file must not be password protected.
  • Intermediate certificates have to be appended to the ca-file.
  • System Administrators are in charge to backup the key-files and store them securely.

Using a custom certificate

You can use any PEM type certificate on the IAC-BOX. To enable the option to upload your certificate navigate to Settings / Network / General and change the hostname and domainname according to your certificate.

Now click on Save. After the settings are saved, the IAC-BOX will now recognize that you require a custom certificate.

../_images/custom_ssl_certificate_en_1.png

Navigate to the tab Surf-LAN Certificate. Now you can upload your certificate files.

../_images/custom_ssl_certificate_en_2.png

Attention

After you uploaded your files, you have to navigate back to General and click on Save.

CSR Generator

With the CSR Generator you can generate your own certificate signing request on the IAC-BOX. Make sure that you save all the provided data. After generating the CSR request it has to be signed by a CA (certificate authority).

You will then receive your new certificate which you can upload as shown above.