Import UI Certificate/Key
Article ID: 260803
Updated On:
Products
Issue/Introduction
TLS 1.2 is required for the connection to the WebUI. By default, the system uses a self-signed server certificate. However, this certificate will cause security warnings from browsers. To avoid these messages, you can import a signed SSL server certificate for the WebUI web server.
Resolution
You can either upload the certificate from a file in PEM, PKCS#8, DER, or PKC#12 format or paste the certificate text in PEM or PKCS#8 format.
Upload Certificate from a File
To upload the signed certificate from a file:
1. From the ( Platform Management ) menu, select Import UI Certificate/Key. The Upload File tab opens.
2. Use the Choose File buttons to select the certificate and key files.
3. If the files are password protected, select the Encrypted check box and enter the Password.
4. Click Add.
Paste Certificate Text
To paste the certificate text:
1. From the ( Platform Management ) menu, select Import UI Certificate/Key.
2. Click the Paste Text tab.
3. Copy the certificate text and paste it in the Certificate Data box.
4. Copy the key text and paste it in the Key Data box.
5. If the files are password protected, select the Encrypted check box and enter the Password.
6. Click Add.
WebUI Cipher Support
The following ciphers are supported for the WebUI connection.
Table: WebUI Cipher Support
Cipher ID
ECDHE-RSA-AES256-GCM-SHA384 0xC0,0x30
ECDHE-ECDSA-AES256-GCM-SHA384 0xC0,0x2C
DHE-RSA-AES256-GCM-SHA384 0x00,0x9F
ECDHE-ECDSA-CHACHA20-POLY1305 0xCC,0xA9
ECDHE-RSA-CHACHA20-POLY1305 0xCC,0xA8
ECDHE-ECDSA-CHACHA20-POLY1305-D 0xCC,0x14
ECDHE-RSA-CHACHA20-POLY1305-D 0xCC,0x13
DHE-RSA-CHACHA20-POLY1305 0xCC,0xAA
DHE-RSA-CHACHA20-POLY1305-D 0xCC,0x15
AES256-GCM-SHA384 0x00,0x9D
ECDHE-RSA-AES128-GCM-SHA256 0xC0,0x2F
ECDHE-ECDSA-AES128-GCM-SHA256 0xC0,0x2B
DHE-RSA-AES128-GCM-SHA256 0x00,0x9E
AES128-GCM-SHA256 0x00,0x9C
Feedback
