SSL (Secure Socket Layer)



Similar documents
ezvsp User's Manual ( Version 2.1d ) Sollae Systems Co., Ltd.

Sending MAC Address Function

CSE-H21 User s Manual

Sollae Systems Co., LTD. ezvsp ver 1.4a

USER GUIDE. Ethernet Configuration Guide (Lantronix) P/N: Rev 6

3.1 RS-232/422/485 Pinout:PORT1-4(RJ-45) RJ-45 RS-232 RS-422 RS-485 PIN1 TXD PIN2 RXD PIN3 GND PIN4 PIN5 T PIN6 T PIN7 R+ PIN8 R-

How to install and use CrossTec Remote Control or SchoolVue in a Virtual and or Terminal Service environment

Special Note Ethernet Connection Problems and Handling Methods (CS203 / CS468 / CS469)

eztcp Technical Document Modbus/TCP of eztcp Caution: Specifications of this document may be changed without prior notice for improvement.

User s Manual TCP/IP TO RS-232/422/485 CONVERTER. 1.1 Introduction. 1.2 Main features. Dynamic DNS

Network Load Balancing

Follow these steps to prepare the module and evaluation board for testing.

IP SERIAL DEVICE SERVER

How To: Configure a Cisco ASA 5505 for Video Conferencing

Debugging Network Communications. 1 Check the Network Cabling

Chapter 6 Configuring the SSL VPN Tunnel Client and Port Forwarding

Ethernet Interface Manual Thermal / Label Printer. Rev Metapace T-1. Metapace T-2 Metapace L-1 Metapace L-2

Configuring Secure Socket Layer (SSL)

Connecting the DG-102S VoIP Gateway to your network

Using the DNP3.0 Protocol via Digi Device Servers and Terminal Servers

EZL-200F User s Manual

Network Management Card Wizard--1. Introduction... 1 Using the Network Management Card Wizard... 5

BIT COMMANDER. Serial RS232 / RS485 to Ethernet Converter

7.7 Ethernet Communication (AFPX-COM5)

ETHERNET WEATHER STATION CONNECTIONS Application Note 33

Using IDENT M System T with Modbus/TCP

CIE-H10 User s Manual

Quick Note 32. Using Digi RealPort with a Digi TransPort Router. UK Support September 2012

Projetex 9 Workstation Setup Quick Start Guide 2012 Advanced International Translations

How To Configure SSL VPN in Cyberoam

TruePort Windows 2000/Server 2003/XP User Guide Chapter

Schneider OS-Loader usage via Ethernet or USB.

Application Note. Terminal Server G6

2015/02/07 05:41 1/23 WIZ550WEB Users' Guide

To perform Ethernet setup and communication verification, first perform RS232 setup and communication verification:

DSA-1000 / PRT-1000 Device Server / Thermal Printer

Steps to be taken when you are unable to get the license in Tally.ERP 9

Configuring Security for FTP Traffic

RemotelyAnywhere. Security Considerations

LOAD BALANCING 2X APPLICATIONSERVER XG SECURE CLIENT GATEWAYS THROUGH MICROSOFT NETWORK LOAD BALANCING

TELNET CLIENT 5.0 SSL/TLS SUPPORT

Multi-Homing Dual WAN Firewall Router

Select Correct USB Driver

Firewall VPN Router. Quick Installation Guide M73-APO09-380

User Manual Network Interface

USER S GUIDE. network management card. Contents. Introduction--1. Control Console--13

CIE-M10 User s Manual

H0/H2/H4 -ECOM100 DHCP & HTML Configuration. H0/H2/H4--ECOM100 DHCP Disabling DHCP and Assigning a Static IP Address Using HTML Configuration

EMG Ethernet Modbus Gateway User Manual

HomeWorks P5 Processor Ethernet TCP / IP Networking Specification

Biznet GIO Cloud Connecting VM via Windows Remote Desktop

Prestige 324. Prestige 324. Intelligent Broadband Sharing Gateway. Version 3.60 January 2003 Quick Start Guide

Starting a Management Session

50-Port 10/100/1000Mbps with 4 Shared SFP. Managed Gigabit Switch WGSW Quick Installation Guide

Tera Term Telnet. Introduction

User Manual Revision English Converter / Adapter Ethernet to RS232 / RS485 (Order Code: HD HD M HD HD M)

PT Activity: Configure Cisco Routers for Syslog, NTP, and SSH Operations

Prestige 314 Read Me First

One Port Serial Server Users Manual Model ESP901, ESP901E

Application Note 2. Using the TCPDIAL & TCPPERM Commands to Connect Two TransPort router Serial Interfaces Over TCP/IP.

1 Serial RS232 to Ethernet Adapter Installation Guide

IP Power Stone 4000 User Manual

NPort s Ethernet Modem Mode

CIE-H12 User s Manual

Kramer Electronics, Ltd. Site-CTRL and Web Access Online User Guide (Documentation Revision 2)

Open Thunderbird. To set up an account in Thunderbird, from the Tools menu select Account Settings; choose account; then click Next.

Host Installation on a Terminal Server

Configuring MassTransit Server to listen on ports less than 1024 using WaterRoof on Macintosh Workstations

Connecting and Setting Up Your Laptop Computer

1. MOXA NPort Express TCP/IP to RS-232 server

Firmware upgrade instructions for the Web/SNMP and Network

Operating Instruction MEW01652 Revision -

PIM31 Remote Setup and Operational Procedures

(1) Network Camera

FRM301 SNMP Upgrade Procedure

Palomar College Dial-up Remote Access

1. Open the preferences screen by opening the Mail menu and selecting Preferences...

EZL-50L User s Manual

TP-LINK TD-W8901G. Wireless Modem Router. Advanced Troubleshooting Guide

MAX T1/E1. Quick Start Guide. VoIP Gateway. Version 1.0

Securely manage data center and network equipment from anywhere in the world.

SSL SSL VPN

How to set FTP Server (IIS)

Device Server Administrator's Guide SYSTECH

Immotec Systems, Inc. SQL Server 2005 Installation Document

Prestige 324 Quick Start Guide. Prestige 324. Intelligent Broadband Sharing Gateway. Version V3.61(JF.0) May 2004 Quick Start Guide

VisorALARM-Manager Application Quick Guide. (Ver. 1.3) Dm 380-I. V:3.0

freesshd SFTP Server on Windows

Sharp Remote Device Manager (SRDM) Server Software Setup Guide

Windows Firewall Configuration with Group Policy for SyAM System Client Installation

Installation of MicroSoft Active Directory

Network-Enabled Devices, AOS v.5.x.x. Content and Purpose of This Guide...1 User Management...2 Types of user accounts2

Prestige 650R-31/33 Read Me First

Configuring Napco Integration

MODBUS TCP to RTU/ASCII Gateway. User s Manual

Technical Information Sheet Page 1 of 8

Configuring the WT-4 for Upload to a Computer (Ad-hoc Mode)

ProxyCap Help. Table of contents. Configuring ProxyCap Proxy Labs

H3C SSL VPN RADIUS Authentication Configuration Example

DDNS Management System User Manual V1.0

Transcription:

eztcp Application Note SSL (Secure Socket Layer) Version 1.2 Sollae Systems Co., Ltd. http://www.eztcp.com

Contents 1 INTRODUCTION...- 2-1.1 SSL (Secure Socket Layer)...- 2-1.2 SSL with the eztcp... - 2-2 SETTING...- 3-2.1 Limitations...- 3-2.2 Set up SSL feature...- 3-2.2.1 Overview...- 3-2.2.2 Setting with ezmanager...- 4-2.2.3 SSL certificate generation...- 4-3 EXAMPLES OF USE...- 7-3.1 Overview...- 7-3.1.1 TCP connection type...- 7-3.2 TCP Server...- 7-3.2.1 Setting Confirmation with ezmanager...- 7-3.2.2 Setting Confirmation with Telnet console...- 9-3.2.3 Connecting to eztcp... - 10-3.3 TCP Client mode... - 12-4 REVISION HISTORY... - 13 - Sollae Systems Co., Ltd. - 1 - http://www.eztcp.com

1 Introduction 1.1 SSL (Secure Socket Layer) The Secure Socket Layer (SSL), developed by Netscape Company, was originally designed for secure electronic commerce and other Web transactions on the Internet. It was standardized as TLS (Transport Layer Security) by IETF (Internet Engineering Task Force) developing and promoting Internet standards. The latest version of SSL and TLS is the 3.0 and 1.0 respectively. 1.2 SSL with the eztcp The eztcp guarantees the security of communications on the Internet by supporting SSL 3.0 / TLS 1.0. This application note introduces how to use SSL feature for CSE-M32, CSE-H20, CSE-H21, CSE-M73 and CSE-H25. Sollae Systems Co., Ltd. - 2 - http://www.eztcp.com

2 Setting 2.1 Limitations Cannot use SSL feature in U2S UDP Communication Mode User cannot use the following features SSH and Telnet COM Port Control(RFC2217) Restrictions while using SSL feature on each product <CSE-M32, CSE-H20, CSE-H21> Maximum baud rate of serial port is the 115,200bps / COM2 serial port is disabled <CSE-M73, CSE-H25> Maximum baud rate of serial port is the 115,200bps / Multi Monitoring feature is disabled 2.2 Set up SSL feature 2.2.1 Overview SSL function can be used TCP server as well as TCP client mode. In the case of TCP client mode, just check [SSL] in "Option" tab of ezmanager. Then you can make SSL connection. On the other hand, you should connect on Telnet and make certification when using TCP server mode. Sollae Systems Co., Ltd. - 3 - http://www.eztcp.com

2.2.2 Setting with ezmanager Check [SSL] in OPTION tab of ezmanager. Figure 2-1 Setting SSL option 2.2.3 SSL certificate generation Connect to TELNET console by a TELNET client. Figure 2-2 connect to TELNET console Sollae Systems Co., Ltd. - 4 - http://www.eztcp.com

The following is the telnet console command list Item Command Descriptions rsa keygen <key length> supporting KEY length 512/768/1024 RSA KEY rsa key Confirm generated RSA KEY rsa test Check RSA KEY is correctly generated Certificate cert new Generate certificate from RSA KEY cert view Confirm generated certificate Save ssl save aa55cc33 Save the configuration of SSL related parameter Table 2-1 Telnet commands for setting SSL option RSA KEY generation Generate RSA KEY first for certificate generation. The eztcp supports 512, 768 and 1024 bytes KEY length. In accordance with the KEY length, KEY generation may take a number of minutes. Longer KEY length provides more secure communications and takes longer time for KEY generation. For example, 1024-bit KEY length may take about 1 minute on average. The command form is rsa keygen <key length> as shown below. Figure 2-3 RSA KEY generation This RSA KEY can check if it is correctly generated by rsa test command. The present generated RSA KEY can be confirmed by rsa key command. When you generate a new RSK KEY, the old one is replaced with the new one. Sollae Systems Co., Ltd. - 5 - http://www.eztcp.com

Digital certificate generation If RSA KEY is generated successfully, a certificate can be generated by cert new command. Figure 2-4 Certificate generation Unlike a TCP client, this step is required to TCP server. A new digital certificate should be generated whenever a local IP address of eztcp is changed, because it contains the IP address information. When you generate a new certificate, the old one is replaced with the new one. Save the configuration The RSA KEY and the digital certificate have to be saved to the flash memory of eztcp for using SSL feature. The command form is ssl save aa55cc33. Figure 2-5 Save SSL configuration Sollae Systems Co., Ltd. - 6 - http://www.eztcp.com

3 Examples of use 3.1 Overview 3.1.1 TCP connection type SSL requires TCP and communication mode for TCP is as follows. TCP Server T2S TCP Server mode TCP passive connection by ata command in ATC AT Command mode TCP Client COD TCP Client mode TCP active connection by atd(t) command in ATC AT Command mode 3.2 TCP Server 3.2.1 Setting Confirmation with ezmanager Click the [Status] button of ezmanager. Figure 3-1 ezmanager Sollae Systems Co., Ltd. - 7 - http://www.eztcp.com

Figure 3-2 ezmanager [Status] Check if there is SSL STATUS as shown above. Sollae Systems Co., Ltd. - 8 - http://www.eztcp.com

3.2.2 Setting Confirmation with Telnet console After logging in telnet console of eztcp, check both RSA KEY and digital certificate. The related command is rsa key and cert view. Especially, check if the current IP address of eztcp is the same with the IP address information of the digital certificate. Figure 3-3 confirm RSA KEY and Certificate Sollae Systems Co., Ltd. - 9 - http://www.eztcp.com

3.2.3 Connecting to eztcp To communicate with the eztcp whose SSL feature is enabled, a remote host must support SSL. Confirm SSL feature by using ezvsp supporting SSL. Checking network environment Configure network parameters such as IP addresses to make sure that PC can access to eztcp. Refer to the example which uses factory default values. Division eztcp PC IP Address 10.1.0.1 10.1.0.2 Subnet Mask 255.0.0.0 255.0.0.0 Local Port 1470 - Table 3-1 network parameters Setting ezvsp Click the [Create an ezvsp Port] button of ezmanager. Figure 3-4 create an ezvsp port(1) Sollae Systems Co., Ltd. - 10 - http://www.eztcp.com

Click the [OK] button. Figure 3-5 create an ezvsp port(2) Refer to ezvsp user manual for installing ezvsp program and detailed information. ezvsp, which is Virtual Com Port Redirector, offers our customer to convert TCP/IP data to serial like eztcp. Please refer to the manual for details about the program. Confirm TCP connection Once virtual COM port is started, SSL connection is established between eztcp and the VSP. Check if the connection is fine by [Status] button on ezmanager. You can find "COM1 - ESTABLISHED" in the "TCP STATE" and [State - 7(or 8)] and [Cipher - RSA_AES_256_CBC_SHA] in the "SSL STATUS", if the connection is fine. Figure 3-6 confirm TCP connection of SSL feature Sollae Systems Co., Ltd. - 11 - http://www.eztcp.com

3.3 TCP Client mode When your eztcp is set to TCP client mode, enabling [SSL] option is only required to make SSL connection. In this case, TCP server should available on SSL connection, too. To confirm current SSL connection, use the [Status] button of ezmanager. Sollae Systems Co., Ltd. - 12 - http://www.eztcp.com

4 Revision History Date Version Comments Author 2008.09.16 1.0 Initial Release - 2009.06.11 1.1 Modify images and terms Add product CSE-H25-2015.02.06 1.2 Update figures Correct some errors and expressions Roy LEE Sollae Systems Co., Ltd. - 13 - http://www.eztcp.com

2026 © DocPlayer.net Privacy Policy | Terms of Service | Feedback  | Do Not Sell My Personal Information