Configuring Security Settings : Configuring Web Settings
  
Configuring Web Settings
You can modify the SteelFusion Core Management Console web user interface and certificate settings in the Settings > Security: Web Settings page.
To modify web settings
1. Choose Settings > Security: Web Settings to display the Web Settings page.
2. Under Web Settings, complete the configuration using the controls described in this table.
Control
Description
Default Web Login ID
Specify the username that appears on the authentication page. The default value is admin.
Web Inactivity Timeout (minutes)
Specify the number of idle minutes before time-out. The default is 15. A value of 0 disables time-out.
Allow Session Timeouts When Viewing Auto-Refreshing Pages
By default, session time-out is enabled, which stops the automatic updating of the report pages when the session times out. Clear this check box to disable the session time-out, remain logged in indefinitely, and automatically refresh the report pages.
Caution: Disabling this feature poses a security risk.
3. Click Apply to apply the settings to the current configuration.
4. Click Save to save your settings permanently.
Managing Web SSL Certificates
You can manage SSL certificates for the web user interface in the SteelFusion Core Management Console. In this page, you can:
•  generate the certificate and key pairs on the Core. This overwrites the existing certificate and key pair regardless of whether the previous certificate and key pair was self-signed or user added. The new self-signed certificate lasts for one year (365 days).
•  create certificate signing requests from the certificate and key pairs.
•  replace a signed certificate with one created by an administrator or generated by a third party certificate authority.
To modify web certificates
1. Choose Settings > Security: Web Settings to display the Web Settings page.
2. Under Web Certificate, select the Details tab to display the Core identity certificate details.
 
 
Detail
Description
Issued To/Issued By
Common Name - Displays the common name of the certificate authority.
Email - Displays the email of the appliance administrator.
Organization - Displays the organization name (for example, the company).
Locality - Displays the city.
State - Displays the state.
Country - Displays the country.
Validity
Issued On - Displays the date the certificate was issued.
Expires On - Displays the date the certificate expires.
Fingerprint
Displays the SSL fingerprint.
Key
Type - Displays the key type.
Size - Displays the size, in bytes.
3. Under Web Certificate, select the Replace tab.
4. Complete the configuration using the controls described in this table.
Control
Description
Import Certificate and Private Key
Imports the certificate and key.
The page displays controls for browsing to and uploading the certificate and key files. Or, you can use the text box to copy and paste a PEM file.
The private key is required regardless of whether you are adding or updating the certificate.
Certificate
Upload - Browse to the local file in PKCS-12, PEM, or DER formats.
Paste it here (PEM) - Copy and then paste the contents of a PEM file.
Private Key
Select the private key origin.
•  The Private Key is in a separate file (see below) - You can either upload it or copy and paste it.
•  This file includes the Certificate and Private Key
•  The Private Key for this Certificate was created with a CSR generated on this appliance
Separate Private Key
Upload (PEM or DER formats) - Browse to the local file in PEM, or DER formats.
Paste it here (PEM only) - Paste the contents of a PEM file.
Decryption Password - Specify the decryption password, if necessary. Passwords are required for PKCS-12 files, optional for PEM files, and never needed for DER files.
Generate Self-Signed Certificate and New Private Key
Select this option to generate a new private key and self-signed public certificate.
The page displays controls to identify and generate the new certificate and key.
Organization Name - Specify the organization name (for example, the company).
Organization Unit Name - Specify the organization unit name (for example, the section or department).
Locality - Specify the city.
State (no abbreviations) - Specify the state.
Country (2-letter code) - Specify the country (2-letter code only).
Email Address - Specify the email address of the contact person.
Validity Period (Days) - Specify how many days the certificate is valid.
Private Key
Cipher Bits - Select the key length from the drop-down list. The default is 1024.
Generate Certificate and Key
Click to generate the certificate and key.
To generate a CSR
1. Under Web Certificate, select the Generate CSR tab.
2. Complete the configuration using the controls described in this table.
Control
Description
Organization Name
Specify the organization name (for example, the company).
Organization Unit Name
Specify the organization unit name (for example, the section or department).
Locality
Specify the city.
State
Specify the state. Do not abbreviate.
Country
Specify the country (two-letter code only).
Email Address
Specify the email address of the contact person.
Generate CSR
Click to generate the Certificate Signing Request.
3. Click Apply to apply your changes to the running configuration.
4. Click Save to save your settings permanently.