Secure Sockets Layer (SSL) Certificates
Extron TouchLink Pro control systems ship with factory‑installed SSL certificates created by
Extron. If you want or are required to use a different SSL certificate at your installation site, then
you can use system utilities in the Toolbelt software to change the SSL certificate at any time.
The
Toolbelt Help File
provides instructions on how to apply an SSL certificate to a controller.
NOTES:
•
You must run Toolbelt as an administrator.
•
Some certificates require a passphrase that is created when the certificate is created.
If a passphrase is required, you must enter that passphrase before uploading and
applying the certificate.
These devices support standard OpenSSL certificate encodings such as .pem (Privacy‑
enhanced Electronic Mail) and .der (Distinguished Encoding Rules) file types. PEM file types are
ASCII encoded and are the required format for uploading to the Extron control product. DER file
types are binary encoded and can typically have several file extension variations, such as .crt and
.cer. There are many standard tools that can convert from DER to PEM file encodings if needed.
NOTE:
A DER format file must be converted to PEM encoding before uploading it to the
button panel, control processor, or collaboration receiver.
To properly create the certificate for uploading to Extron control devices, ensure that the
certificate file meets the following requirements:
•
contains X.509 certificate information
•
contains public and private keys
•
uses PEM encoding
NOTE:
ITU‑T standard X.509 covers aspects of public key encryption, digital cryptography,
certificates, and validation.
Contact your IT administrator for more information on what tools and policies are required to
obtain or create the SSL certificate and, if necessary, the corresponding passphrase.
IEEE 802.1X Certificates
IEEE 802.1X is a standard that enables port‑based network access control via an authentication
server. The protocol requires that all devices must be authenticated before gaining privileges to
access the secure part of the network.
The Extron implementation of 802.1X supports PEAP ‑ MSCHAPV2 and EAP ‑ TLS methods of
authentication. This section of the guide details the
(see the next
page) and the
(see the next page) to be used in the system.
Extron provides resources for learning about 802.1X implementation:
•
The
Extron 802.1X Technology Reference Guide
, available from
primary resource for background information, system planning, topology, and how to set up
these systems.
•
The
Toolbelt Help file
provides detailed step‑by‑step information on using the software to set
up 802.1X for TouchLink Pro control systems and on troubleshooting.
•
The
802.1X Primer
white paper, also available from
, provides a general
overview of the protocol and its use within a control system.
NOTES:
•
You must run Toolbelt as an administrator.
•
Machine certificates require a private key file, which can be encrypted.
TLC Pro 526M, 726M, and 1026M Series TouchLink Pro Control Systems • Reference Material
37