Using self-signed certificates on Cloud Link Roadrunner™ units - Cloud Link Roadrunner™ 2.0.4

Cloud Link Roadrunner™ User Guide 2.0.4

Applies to
Cloud Link Roadrunner™ 2.0.4
Last updated
2022-09-15
Content type
Guides > User guides
Language
English
Product
Cloud Link Roadrunner™
Version
2.0

The Cloud Link Roadrunner™ comes with an X.509 certificate that was generated during production. Replace the default certificate to enhance security by generating a new self-signed certificate.

Procedure

  1. Log on to the Cloud Link Roadrunner™ unit.
  2. Click Configuration > Certificates.
  3. In the Certificate management section, complete the identification fields.
    NOTE: The Common name, Subject alternative name, and Country fields are mandatory.
    Certificate management section of the Certificates page in the Cloud Link Roadrunner™ Portal.
  4. From the Certificate type list, select one of the following algorithms and key lengths:
    • ECDSA 256 bits
    • ECDSA 384 bits
    • RSA 2048 bits
    • RSA 3072 bits
    • RSA 4096 bits
  5. Click Generate new self-signed certificate, and then restart your browser and log back on to the unit.
    The certificate is now generated on the unit.
  6. Install the certificate in the browser's certificate store.
    1. Click Configuration > Certificates.
    2. In the Current certificate section, click Download.
    3. In Windows, follow the instructions in the Certificate Import Wizard to import the certificate to the Trusted Root Certification Authorities folder using the Local Machine option.
      Install the certificate on all machines that connect to the updated Synergis™ unit.
      NOTE: The certificate file will be labeled with the hostname and a .cer suffix.
  7. Restart your browser and log back on to the unit.

Results

Your unit no longer shows a security error in the address bar when connecting using hostname.

After you finish

If the unit was already enrolled in Security Center, the Access Manager will not trust the new certificate or connect to the unit, and you must reset the trusted certificate in Config Tool.

For more information, see Resetting the trusted certificate.