Generate SSL Certificate#

For access to the digital clock via secured web pages - https it is necessary to burn SSL certificate directly to the digital clock. Clocks are provided with a factory certificate which is generated during the manufacturer process.

See also

More info about accessing the Web Interface from web browser via HTTP and HTTPS protocols can be found here .

Certificates are provided in the manufacturer process since SW version v7.12. In the case of updating SW version in the digital clock from earlier versions, there will be an active alarm Invalid SSL certificate. So it is necessary to upload an SSL certificate by your own.

Certificates required:

  • RSA 2048 bit

  • Fingerprint using SHA-256

Generate Certificate#

You can use any method to generate certificates.

If you are unfamiliar with the process of certificate generation, you may utilize this website.

  1. Visit CertificateTools.com.

    ../../../_images/certificate-generate.png

  2. On the top right list please select option Web Server (marked by blue).

  3. To the columns Common Names (marked by red), please type requested name of the subject and click Add.

    • For example MOBATIMEFD306F is used for the MAC address 00:16:91:fd:30:6f in the manufacturer process.

  4. To the column Subject Alternative Names DNS (marked by yellow), please type requested name of the subject and then click Add.

    The requested name of the subject can be:

    • MOBATIMEFD306F (as stated above)

    • MOBATIMEFD306F.local

    • IP address

  5. In the CSR Options please set CSR Only to the Self-Sign (marked by purple) and type requested validity of certificate, e.g. 30 years.

  6. Optionally, you can also set other fields.

  7. Then click Submit.

  8. The web page will generate a certificate.

  9. Download files Private Key and PEM Certificate.

    ../../../_images/download-certificate.png

Hint

You can also use these instructions if you want to generate different SSL certificates.

Uploading a Certificate#

  1. Rename file cert.key (Private Key) to key.pem.

  2. Rename file cert.crt (PEM Certificate) to cert.pem.

  3. Copy these files to the folder for your TFTP server.

  4. On the web page of digital clock navigate to section Supervision Services.

  5. Set the field HTTPS server certificate upload to Private Key and press Apply.

    It should display Configuration saved and the Private Key should be uploaded.

  6. Set the field HTTPS server certificate upload to the Certificate and press Apply.

    It should display Configuration saved and the Certificate should be uploaded.

Certificate Application and Managing#

Apply a New Certificate#

  1. Set the field HTTPS server certificate manage to the Apply user certificates and press Apply.

    It should display Configuration saved and a new certificate should be uploaded.

Delete User Certificate#

  1. Set the field HTTPS server certificate manage to the Apply factory certificates (delete user certificates) and press Apply.

    It should display Configuration saved and user certificates should be deleted.