SSL (Secure Socket Layer)

Similar documents
EZL-200F Application Notes (002) SSL (Secure Socket Layer)

Sending MAC Address Function

ezconfig User s Manual

eztcp Configuration Software ezmanager Manual Version 1.9 Sollae Systems Co., Ltd.

eztcp Utility ezvsp User Manual Version 2.1 Sollae Systems Co., Ltd.

CSE-H20 User's Manual

eztcp Technical Documents Internet Switch Caution: Specifications of this document may be changed without prior notice for improvement

IP Change Notification (DDNS)

EZL-400S User s Manual

EZL-200F User s Manual

CSE-H53N User s Manual

CSE-H55N User s Manual

Internet Switch (EZI-10)

CSE-H55N2 User Manual

CSE-H53N User Manual

CSE-M53N User Manual

Transport Level Security

NordField Electronics

Port Forwarding Setup (NB7)

ACE PLUS CORP. APCON100 series Operation Manual RS-232 to Ethernet Converter

Sena Device Server and Serial/IP Application Guide Version 1.0.0

EZL-50L User s Manual

CSW-H85F User s Manual

CSW-H85N User Manual

CSW-H85K User s Manual

SOLLAE SYSTEMS Product Overview. English Version

ilo MP Utilities ilo MP

2Ports Serial Device Server. CSE-H20 User Manual. Version 2.7. Sollae Systems Co., Ltd.

EZL-70 User s Manual

Serial LAN/WLAN Converter. CSC-H64 User Manual. Version 1.2. Sollae Systems Co., Ltd.

Kramer Electronics, Ltd. ETHERNET Configuration (FC-11) GUIDE

Product Family: Networking Hardware Number: AN-NH-012

EZL-300S User s Manual

The Applications and Gaming Tab - Port Range Forward

NCOM SERIAL DEVICE SERVER 1XX SERIES USER S MANUAL

Serial-to-Ethernet Tunnel Application Note

The World Wide Web is widely used by businesses, government agencies, and many individuals. But the Internet and the Web are extremely vulnerable to

User s Guide. Ethernet Module for Barcode Printer

rbox610 Series Robust Din-rail Fanless Embedded System Web Configuration and App Software User s Manual

Transport Layer Security

SSL Communication Setup iseries Source

Port Forwarding Setup (RTA1025W)

NCOM SERIAL DEVICE SERVER 4XX SERIES USER S MANUAL

SERIAL TO ETHERNET CONVERTER E-P User Manual

4(b): Assign the IP address on the Serial interface of Router. Console Cable

Document Name: User Manual for SC10EK4 Serial to Ethernet Converter with 4 TCP Sockets. Index

Quick Start Guide. Remote Console Manager

Model XS1000 TCP/IP to RS232/422/485 Device Server User s Manual

Internet security and privacy

SCADALink IP100 SCADA Terminal Server QUICK START GUIDE Revision 1.42 June 19, 2012

eztcp Utility ModMap User Manual Version 2.0 Sollae Systems Co., Ltd.

User Manual. SSV Remote Access Gateway. Web ConfigTool

Configure Transmission Control Protocol (TCP) and User Datagram Protocol (UDP) Service Settings on a Switch

ECOV-110 User s Manual

EasyIO 30P Firmware Flashing and Upgrading. Firmware Flashing and Upgrading

How to upgrade the firmware

CPSC 467: Cryptography and Computer Security

RS-232/422/485 Over IP Adapter

HOME AUTOMATION, INC. Model 93A00-1. Serial Server. User s Manual

Digi TS Family. User Guide _A

Configuring Cisco Unity and Unity Connection Servers

1 port RS-232 Device Server

4 ports Remote I/O Controller. CIE-H14 User Manual. Version 1.0. Sollae Systems Co., Ltd.

Serial to Ethernet Converter HL-SE02P-V1. User s Manual V3.606

Serial Device Server- Dual Port Quick Installation Guide

Industrial Serial Device Server

Web as a Distributed System

Canlan INSTALLATION MANUAL

ZyWALL 10W. Internet Security Gateway. Quick Start Guide Version 3.62 December 2003

SSE232-LE Serial Server- User s Manual

TCP/IP Converter. EX-9132 Operation Manual for 8051 Series

Port Forwarding Setup (RTA1025W Rev2)

Configuring Actinic with ISA Server 2000

Product Description... 1 Internal Management Features... 5 Front Panel... 7 Watchdog Features... 12

Apache Security with SSL Using FreeBSD

Serial/IP Redirector

Communication adapter RS485/422 over the Ethernet ELO E222. User manual

ZyWALL 70. Internet Security Appliance. Quick Start Guide Version 3.62 December 2003

(1) Device Management tool: enables you to remotely manage AX220xx RS232-to-WiFi devices.

SOYAL AR-716E. TCP/IP Module Configuration. Programming

Configuring the CSS for Device Management

P4S-341 User Manual > Introduction. Overview

Docking Station DS-U4WEB with web server version 1 Instruction Manual

Telnet/KSHELL NETIO M2M API protocols docs

ADDENDUM. NetworkAIR FM. Contents. Management Card Wizard--1. File Transfers--10

CS321: Computer Networks FTP, TELNET, SSH

H3C SecBlade SSL VPN Card

Quick Start Guide. Remote Console Manager Quick Start Guide

Installation and Configuration Guide

ConnectUPS-X / -BD /-E How to use and install SSL, SSH

DIL/NetPC ADNP/1520 Board Revision 2.1 Installing an SSH Connection User Manual

16/24/48-Port 10/100/1000T + 2/4-Port 100/1000X SFP Managed Switch GS T2S/GS T2S/GS T4S. Quick Installation Guide

WiFi to RS-422/485 adapter user manual

VIEVU DOCKING STATION USER GUIDE

Chapter 3 Configuring Serial Device Server

Installing the Tibbo Device Server Toolkit

DG-A6 Serial Port Server User Manual

GPORT104 User s Manual

E-commerce security: SSL/TLS, SET and others. 4.1

Wi-Fi 16 Relay Module User Manual 21 Aug Wi-Fi 16 Relay Module

Transcription:

eztcp Application Note SSL (Secure Socket Layer) Version 1.3 Sollae Systems Co., Ltd. http://www.eztcp.com

Contents 1 INTRODUCTION...- 2-1.1 SSL (Secure Socket Layer)...- 2-1.2 SSL with the eztcp... - 2-2 SETTING...- 3-2.1 Limitations...- 3-2.2 Set up SSL feature...- 3-2.2.1 Overview...- 3-2.2.2 Setting with ezmanager...- 4-2.2.3 SSL certificate generation...- 4-3 EXAMPLES OF USE...- 7-3.1 Overview...- 7-3.1.1 TCP connection type...- 7-3.2 TCP Server...- 7-3.2.1 Setting Confirmation with ezmanager...- 7-3.2.2 Setting Confirmation with Telnet console...- 9-3.2.3 Connecting to eztcp... - 10-3.3 TCP Client mode... - 12-4 REVISION HISTORY... - 13 - Sollae Systems Co., Ltd. - 1 - http://www.eztcp.com

1 Introduction 1.1 SSL (Secure Socket Layer) The Secure Socket Layer (SSL), developed by Netscape Company, was originally designed for secure electronic commerce and other Web transactions on the Internet. It was standardized as TLS (Transport Layer Security) by IETF (Internet Engineering Task Force) developing and promoting Internet standards. The latest version of SSL and TLS is the 3.0 and 1.0 respectively. 1.2 SSL with the eztcp The eztcp guarantees the security of communications on the Internet by supporting SSL 3.0 / TLS 1.0. This application note introduces how to use SSL feature for CSE-M32, CSE-H20, CSE-H21, CSE-M73 and CSE-H25. Sollae Systems Co., Ltd. - 2 - http://www.eztcp.com

2 Setting 2.1 Limitations Cannot use SSL feature in U2S UDP Communication Mode User cannot use the following features SSH and Telnet COM Port Control(RFC2217) Restrictions while using SSL feature on each product <CSE-M32, CSE-H20, CSE-H21> Maximum baud rate of serial port is the 115,200bps / COM2 serial port is disabled <CSE-M73, CSE-H25> Maximum baud rate of serial port is the 115,200bps / Multi Monitoring feature is disabled 2.2 Set up SSL feature 2.2.1 Overview SSL function can be used TCP server as well as TCP client mode. In the case of TCP client mode, just check [SSL] in "Option" tab of ezmanager. Then you can make SSL connection. On the other hand, you should connect on Telnet and make certification when using TCP server mode. Sollae Systems Co., Ltd. - 3 - http://www.eztcp.com

2.2.2 Setting with ezmanager Check [SSL] in OPTION tab of ezmanager. 2.2.3 SSL certificate generation Figure 2-1 Setting SSL option Connect to TELNET console by a TELNET client. Figure 2-2 connect to TELNET console Entering a password is required if you set a password to your product. Starting with firmware version 2.0A, you need to enter "sollae" without setting a password. Sollae Systems Co., Ltd. - 4 - http://www.eztcp.com

The following is the telnet console command list Item Command Descriptions rsa keygen <key length> supporting KEY length 512/768/1024 RSA KEY rsa key Confirm generated RSA KEY rsa test Check RSA KEY is correctly generated Certificate cert new Generate certificate from RSA KEY cert view Confirm generated certificate Save ssl save aa55cc33 Save the configuration of SSL related parameter Table 2-1 Telnet commands for setting SSL option RSA KEY generation Generate RSA KEY first for certificate generation. The eztcp supports 512, 768 and 1024 bytes KEY length. In accordance with the KEY length, KEY generation may take a number of minutes. Longer KEY length provides more secure communications and takes longer time for KEY generation. For example, 1024-bit KEY length may take about 1 minute on average. The command form is rsa keygen <key length> as shown below. Figure 2-3 RSA KEY generation This RSA KEY can check if it is correctly generated by rsa test command. The present generated RSA KEY can be confirmed by rsa key command. When you generate a new RSK KEY, the old one is replaced with the new one. Sollae Systems Co., Ltd. - 5 - http://www.eztcp.com

Digital certificate generation If RSA KEY is generated successfully, a certificate can be generated by cert new command. Figure 2-4 Certificate generation Unlike a TCP client, this step is required to TCP server. A new digital certificate should be generated whenever a local IP address of eztcp is changed, because it contains the IP address information. When you generate a new certificate, the old one is replaced with the new one. Save the configuration The RSA KEY and the digital certificate have to be saved to the flash memory of eztcp for using SSL feature. The command form is ssl save aa55cc33. Figure 2-5 Save SSL configuration Sollae Systems Co., Ltd. - 6 - http://www.eztcp.com

3 Examples of use 3.1 Overview 3.1.1 TCP connection type SSL requires TCP and communication mode for TCP is as follows. TCP Server T2S TCP Server mode TCP passive connection by ata command in ATC AT Command mode TCP Client COD TCP Client mode TCP active connection by atd(t) command in ATC AT Command mode 3.2 TCP Server 3.2.1 Setting Confirmation with ezmanager Click the [Status] button of ezmanager. Figure 3-1 ezmanager Sollae Systems Co., Ltd. - 7 - http://www.eztcp.com

Figure 3-2 ezmanager [Status] Check if there is SSL STATUS as shown above. Sollae Systems Co., Ltd. - 8 - http://www.eztcp.com

3.2.2 Setting Confirmation with Telnet console After logging in telnet console of eztcp, check both RSA KEY and digital certificate. The related command is rsa key and cert view. Especially, check if the current IP address of eztcp is the same with the IP address information of the digital certificate. Figure 3-3 confirm RSA KEY and Certificate Sollae Systems Co., Ltd. - 9 - http://www.eztcp.com

3.2.3 Connecting to eztcp To communicate with the eztcp whose SSL feature is enabled, a remote host must support SSL. Confirm SSL feature by using ezvsp supporting SSL. Checking network environment Configure network parameters such as IP addresses to make sure that PC can access to eztcp. Refer to the example which uses factory default values. Division eztcp PC IP Address 10.1.0.1 10.1.0.2 Subnet Mask 255.0.0.0 255.0.0.0 Local Port 1470 - Table 3-1 network parameters Setting ezvsp Click the [Create an ezvsp Port] button of ezmanager. Figure 3-4 create an ezvsp port(1) Sollae Systems Co., Ltd. - 10 - http://www.eztcp.com

Click the [OK] button. Figure 3-5 create an ezvsp port(2) Refer to ezvsp user manual for installing ezvsp program and detailed information. ezvsp, which is Virtual Com Port Redirector, offers our customer to convert TCP/IP data to serial like eztcp. Please refer to the manual for details about the program. Confirm TCP connection Once virtual COM port is started, SSL connection is established between eztcp and the VSP. Check if the connection is fine by [Status] button on ezmanager. You can find "COM1 - ESTABLISHED" in the "TCP STATE" and [State - 7(or 8)] and [Cipher - RSA_AES_256_CBC_SHA] in the "SSL STATUS", if the connection is fine. Figure 3-6 confirm TCP connection of SSL feature Sollae Systems Co., Ltd. - 11 - http://www.eztcp.com

3.3 TCP Client mode When your eztcp is set to TCP client mode, enabling [SSL] option is only required to make SSL connection. In this case, TCP server should available on SSL connection, too. To confirm current SSL connection, use the [Status] button of ezmanager. Sollae Systems Co., Ltd. - 12 - http://www.eztcp.com

4 Revision History Date Version Comments Author 2008.09.16 1.0 Initial Release - 2009.06.11 1.1 Modify images and terms Add product CSE-H25-2015.02.06 1.2 Update figures Correct some errors and expressions Roy LEE 2016.04.07 1.3 Add an explanation about TELNET login Roy LEE Sollae Systems Co., Ltd. - 13 - http://www.eztcp.com

2024 © technodocbox.com Privacy Policy | Terms of Service | Feedback