3.2.5.4 Certificates

Some 2N^® Indoor View LAN services use the secure TLS protocol for communication with the other LAN devices. This protocol prevents third parties from eavesdropping on or modifying call contents. TLS is based on one/two-sided authentication, which requires certificates and private keys.

2N^® Indoor View services that use TLS:

1. Web server (HTTPS)
2. 802.1x (EAP-TLS)
3. SIPs

2N^® Indoor View allows you to download up to 3 sets of certificates from certification authorities, which help you authenticate the communicating device, and also 3 user certificates and private keys for encryption purposes.

Each certificate requiring service can be assigned one certificate set, refer to the Web Server subsection. The certificates can be shared by the services.

2N^® Indoor View accepts the DER (ASN1) and PEM certificates.

Once powered, 2N^® Indoor View generates automatically the so-called Self Signed certificate and a private key, which can be used for the Web server and E-mail services without the need to load a unique certificate and private key.

Note

If you use the Self Signed certificate for encryption, the 2N^® Indoor View web server – browser communication is secure, but the browser notifies you that it cannot authenticate the 2N^® Indoor View certificate.

Refer to the tables below for the current list of trusted and user certificates:

Click to upload a certificate saved on your PC. Select the certificate (or private key) file in a dialogue window and click Upload. Press to remove a certificate from 2N^® Indoor VIew.

Caution

Note that a certificate with a private RSA key longer than 2048 bits may be rejected :
The private key file or password has not been accepted by the device!
For certificates based on elliptic curves use the secp256r1 (aka prime256v1 aka NIST P-256) and secp384r1 (aka NIST P-384) curves only.