Wiki source code of CI Generated Certificates
Last modified by Mark Kohlmann on 2022/01/13 21:36
Show last authors
| author | version | line-number | content |
|---|---|---|---|
| 1 | Chief Integrations can sign certificates for customers to deploy on their processors. The CI generated certificate will be good until the end of 2040. This is an alternative to having the customer sign certificates with their own internal infrastructure. | ||
| 2 | |||
| 3 | (% style="width:500px" %) | ||
| 4 | |=Certificate Type|=Download | ||
| 5 | |Root/Intermediate Chain|[[Root-Intermediate Chain>>attach:rootCA_cert.cer]] | ||
| 6 | |Root|[[Root Cert>>attach:CIRoot.cer]] | ||
| 7 | |Intermediate|[[Intermediate Cert>>attach:CICustomer.cer]] | ||
| 8 | |||
| 9 | For Processors (3-series greater than 1.8001.4701.23085 or later / 4-series greater than v2.6000): | ||
| 10 | |||
| 11 | * Load the root and intermediate cert to their respective stores (Toolbox->Functions->Security Certificates) | ||
| 12 | ** Select Root Tab | ||
| 13 | *** Download [[Root Cert>>attach:CIRoot.cer]] | ||
| 14 | *** Add Root Certificate and select the downloaded file | ||
| 15 | ** Select Intermediate Tab | ||
| 16 | *** Download [[Intermediate Cert>>attach:CICustomer.cer]] | ||
| 17 | *** Add Intermediate Certificate and select the downloaded file | ||
| 18 | * Generate Certificate Signing Request (Toolbox->Functions->SSL Management->Play button) | ||
| 19 | * Send the following to Chief Integrations: | ||
| 20 | ** CSR (Certificate Signing Request) file | ||
| 21 | ** FQDN (Fully qualified domain name) of the processor | ||
| 22 | ** IP Address of the processor | ||
| 23 | * Chief Integrations will send back the signed certificate | ||
| 24 | * Load the signed certificate (Toolbox->Functions->SSL Management->Play button->Upload Signed Certificate) | ||
| 25 | * Load the Root-Intermediate chain (Toolbox->Functions->SSL Management->Play button->Upload Root Certificate) | ||
| 26 | * Select CA Signed (Toolbox->Functions->SSL Management) | ||
| 27 | * Password boxes should be empty (Toolbox->Functions->SSL Management) | ||
| 28 | * Hit Ok, processor will reboot | ||
| 29 | |||
| 30 | For Touchpanels: | ||
| 31 | |||
| 32 | * Load the root and intermediate cert to their respective stores (Toolbox->Functions->Security Certificates) | ||
| 33 | ** Select Root Tab | ||
| 34 | *** Download [[Root Cert>>attach:CIRoot.cer]] | ||
| 35 | *** Add Root Certificate and select the downloaded file | ||
| 36 | ** Select Intemediate Tab | ||
| 37 | *** Download [[Intermediate Cert>>attach:CICustomer.cer]] | ||
| 38 | *** Add Intermediate Certificate and select the downloaded file |