12
P R O C E S S M A S T E R
W A F E R
F E
M
6 3 0
| COM/FE
M
630/E/MB
-
EN RE
V. A
…Web page access
Webpage certificates
The device generates a default certificate. The certificate has
the properties that follow:
• Issuer: ABB Device Root CA
• Subject: my-hostname.my-domain
• Serial: Randomly generated
• Valid From: Time of generation
• Valid Till: Time of generation plus 365 days
• Subject Alt name: 192.168.1.122, my-hostname.my-domain
• Key: 384-bit EC key with secp384 curve.
Upload your own certificate
To upload your own certificate, do the steps that follow:
1
Go to webpage menu
SSL Certificate
>
New certificate
.
2
When prompted, attach the certificates that follow:
• Root CA certificate
• Server certificate
• Private key associated with server certificate
Note
The files can be in PEM or DER format. The file names are not
important, the device renames them internally.
3
Wait for the device to verify the files.
4
Make sure that a summary of the certificates shows on the
webpage.
5
If necessary, upload new certificates or switch to a different
certificate.
6
If you switch to a new certificate, sign in at the prompt.
Intermediate CA
A more complex PKI structure is supported, with intermediate
certificates.
-----BEGIN CERTIFICATE-----
<Endpoint certificate for server>
-----END CERTIFICATE-----
-----BEGIN CERTIFICATE-----
<Intermediate certificate #1>
-----END CERTIFICATE-----
...
-----BEGIN CERTIFICATE-----
<Intermediate certificate #n>
-----END CERTIFICATE-----
Private keys protected with passwords are not supported.
Generate a certificate
1
Go to webpage menu
SSL Certificate
>
Generate certificate
.
2
Sign in at the prompt.
Note
The certificate has the properties that follow:
• Issuer: ABB Device Root CA
• Subject: <Host name>.<Domain Name>
• Serial: Randomly generated
• Valid From: Time of generation
• Valid Till: Time of generation plus 365 days
• Subject Alt name: <IP address>, <Host name>.<Domain Name>
• Key: 384-bit EC key with secp384 curve.
