Wireless/Redundant Edge Services xl Module Management and Configuration Guide WS.01.03 or greater
2-90
Configuring the ProCurve Wireless Services xl Module
Certificates
3. In the
SNTP Server 1
field, enter the IP address of the SNTP server. The
module uses the default SNTP port 123 to communicate with the SNTP
server.
4. Define additional SNTP servers as needed.
5. View the date and time.
• Date (MM/DD/YYYY)—The date is listed in the month/date/year
format.
•
Time (HH:MM:SS)
—The time is listed in hours, minutes, and seconds.
6. In the Time Zone field, use the pull-down menu to select the time zone.
7. Click the Apply button to apply your changes to the running-config.
8. Click the Save button to save your changes to the startup-config.
Certificates
Certificates are used to uniquely identify a host. For HTTPS access, server
certificates are used to authenticate Web servers to Web browsers.
Typically, a trusted third-party, called the certificate authority (CA), issues a
certificate for the host. A less secure option is a self-signed certificate, which
is issued by the host itself.
When a CA issues a certificate, it sends the host two keys—one to encrypt
data and one to decrypt data. The host’s private key encrypts data, which can
then be decrypted only with that host’s public key.
A host authenticates itself with a certificate, to which it appends its digital
signature. It creates the digital signature by hashing the certificate and then
encrypting the hash with its private key. The certificate itself consists of:
■ the host’s identification information
■ the host’s public key
■ the function used to hash the certificate
■ the CA’s digital signature
When the peer receives the digital certificate, it extracts the host’s public key
and hash function. It decrypts and unhashes the signature and compares it to
the certificate. If they match, the peer knows that no one has tampered with
the certificate en route.