Configuring web settings

About Security Settings : Configuring web settings

Web settings are under Settings > Security: Web Settings. These configuration options are available:

Default Web Login ID

Specifies the username that appears on the authentication page. The default value is admin.

Web Inactivity Timeout (minutes)

Specifies the number of idle minutes before time-out. The default is 15. A value of 0 disables time-out.

Allow Session Timeouts When Viewing Auto-Refreshing Pages

Enables session time-out. By default, session time-out is enabled, which stops the automatic updating of the report pages when the session times out. Clear this check box to disable the session time-out, remain logged in indefinitely, and automatically refresh the report pages. Disabling this feature poses a security risk.

Managing SSL certificates

You can manage SSL certificates for the web user interface in the Management Console. In this page, you can:

• generate the certificate and key pairs on the Core. This overwrites the existing certificate and key pair regardless of whether the previous certificate and key pair was self-signed or user added. The new self-signed certificate lasts for one year (365 days).

• create certificate signing requests from the certificate and key pairs.

• replace a signed certificate with one created by an administrator or generated by a third party certificate authority.

1. Choose Settings > Security: Web Settings.

2. Under Web Certificate, select the Details tab to display the Core identity certificate details:

Issued To/Issued By

Common Name

Displays the common name of the certificate authority.

Displays the email of the appliance administrator.

Organization

Displays the organization name (for example, the company).

Locality

Displays the city.

State

Displays the state.

Country

Displays the country.

Validity

Issued On

Displays the date the certificate was issued.

Expires On

Displays the date the certificate expires.

Fingerprint

Displays the SSL fingerprint.

Key

Type

Displays the key type.

Size

Displays the size, in bytes.

3. Under Web Certificate, select the Replace tab. These configuration options are available:

Import Certificate and Private Key

Imports the certificate and key. The page displays controls for browsing to and uploading the certificate and key files. Or, you can use the text box to copy and paste a PEM file. The private key is required regardless of whether you are adding or updating the certificate.

Certificate

Upload

Browses to the local file in PKCS-12, PEM, or DER formats.

Paste it here (PEM)

Allows you to copy and then paste the contents of a PEM file.

Private Key

Specifies the private key origin.

• The Private Key is in a separate file. You can either upload it or copy and paste it.

• This file includes the Certificate and Private Key.

• The Private Key for this Certificate was created with a CSR generated on this appliance.

Separate Private Key

Upload (PEM or DER formats)

Browses to the local file in PEM, or DER formats.

Paste it here (PEM only)

Pastes the contents of a PEM file.

Decryption Password

Specifies the decryption password, if necessary. Passwords are required for PKCS-12 files, optional for PEM files, and never needed for DER files.

Generate Self-Signed Certificate and New Private Key

Generates a new private key and self-signed public certificate. The page displays controls to identify and generate the new certificate and key.

Organization Name

Specifies the organization name (for example, the company).

Organization Unit Name

Specifies the organization unit name (for example, the section or department).

Locality

Specifies the city.

State (no abbreviations)

Specifies the state.

Country (2-letter code)

Specifies the country (2-letter code only).

Email Address

Specifies the email address of the contact person.

Validity Period (Days)

Specifies how many days the certificate is valid.

Private Key Cipher Bits

Specifies the key length from the drop-down list. The default is 1024.

Generate Certificate and Key

Generates the certificate and key.

Organization Name

Specifies the organization name (for example, the company).

Organization Unit Name

Specifies the organization unit name (for example, the section or department).

Locality

Specifies the city.

State

Specifies the state. Don’t abbreviate.

Country

Specifies the country (two-letter code only).

Email Address

Specifies the email address of the contact person.

Generate CSR

Generates the Certificate Signing Request.