The authenticity of the self-signed certificate that comes with the unit by default is not enforced as usual with the Public Key Infrastructure. To be more secure, you can use a fully trusted certificate signed by a certificate authority instead.
Before you begin
- Cloud Link Roadrunner
- Synergis Cloud Link
- Legacy Synergis Cloud Link running Synergis Softwire 11.2 or later
For more information, see Unit certificate management. If your access control units do not support the Security Center unit certificate management feature, install signed certificates using the following procedure.
What you should know
- Using certificates signed by a certificate authority is better for setups where multiple computers and browsers access the Synergis unit because you do not need to configure each browser to recognize these trusted certificates.
- The
unit comes with an ECDSA certificate
by default. When you try to enroll a new
unit on a system running an operating
system that lacks support for ECDSA, the enrollment fails because no compatible
cipher is available.
If the enrollment fails, upgrade your operating system to one that supports ECDSA or generate a new RSA certificate on the unit and then try enrolling the unit again.
Procedure
Results
After you finish
For more information, see Resetting the trusted certificate.