Changes for page CI Generated Certificates
Last modified by Alexander Mott on 2026/01/09 18:15
From version 5.1
edited by Mark Kohlmann
on 2022/01/13 21:10
on 2022/01/13 21:10
Change comment:
There is no comment for this version
To version 10.1
edited by Alexander Mott
on 2026/01/09 18:15
on 2026/01/09 18:15
Change comment:
There is no comment for this version
Summary
-
Page properties (2 modified, 0 added, 0 removed)
Details
- Page properties
-
- Author
-
... ... @@ -1,1 +1,1 @@ 1 -XWiki. mark\.kohlmann@chiefintegrations\.com1 +XWiki.alexander\.mott@chiefintegrations\.com - Content
-
... ... @@ -5,3 +5,40 @@ 5 5 |Root/Intermediate Chain|[[Root-Intermediate Chain>>attach:rootCA_cert.cer]] 6 6 |Root|[[Root Cert>>attach:CIRoot.cer]] 7 7 |Intermediate|[[Intermediate Cert>>attach:CICustomer.cer]] 8 + 9 +For Processors (3-series greater than 1.8001.4701.23085 or later / 4-series greater than v2.6000): 10 + 11 +* Load the root and intermediate cert to their respective stores (Toolbox->Functions->Security Certificates) 12 +** Select Root Tab 13 +*** Download [[Root Cert>>attach:CIRoot.cer]] 14 +*** Add Root Certificate and select the downloaded file 15 +** Select Intermediate Tab 16 +*** Download [[Intermediate Cert>>attach:CICustomer.cer]] 17 +*** Add Intermediate Certificate and select the downloaded file 18 +* Generate Certificate Signing Request (Toolbox->Functions->SSL Management->Play button) 19 +** If Toolbox's SSL Management gives an error, try generating the request through Text Console "##createcsr##" command 20 +*** Execute "##createcsr ?##" first to get all parameter values, and execute your command, e.g.: ##createcsr US:California:"Mission Viejo":"Chief Integrations":"Suport":100.64.0.1:support@chiefintegrations.com## 21 +*** Use File Manager or a separate SFTP program to extract the generated request.csr from the location indicated in the Text Console (typically "Internal Flash\sys\request.csr") 22 +* Send the following to Chief Integrations: 23 +** CSR (Certificate Signing Request) file 24 +** FQDN (Fully qualified domain name) of the processor 25 +*** For isolated Control Subnets, running "##doma##" command on the processor will give the FQDN (typically "[hostname].crestron") 26 +*** Use Windows Terminal and run "ping [FQDN]" to verify the FQDN is correct, e.g. 27 +** IP Address of the processor 28 +*** For isolated Control Subnets, this should be the IP on the CS, e.g. 100.64.0.1 or 172.22.0.1 29 +* Chief Integrations will send back the signed certificate 30 +* Load the signed certificate (Toolbox->Functions->SSL Management->Play button->Upload Signed Certificate) 31 +* Load the Root-Intermediate chain (Toolbox->Functions->SSL Management->Play button->Upload Root Certificate) 32 +* Select CA Signed (Toolbox->Functions->SSL Management) 33 +* Password boxes should be empty (Toolbox->Functions->SSL Management) 34 +* Hit Ok, processor will reboot 35 + 36 +For Touchpanels: 37 + 38 +* Load the root and intermediate cert to their respective stores (Toolbox->Functions->Security Certificates) 39 +** Select Root Tab 40 +*** Download [[Root Cert>>attach:CIRoot.cer]] 41 +*** Add Root Certificate and select the downloaded file 42 +** Select Intemediate Tab 43 +*** Download [[Intermediate Cert>>attach:CICustomer.cer]] 44 +*** Add Intermediate Certificate and select the downloaded file