User manual
Security
myUTN User Manual 89
6.5 How to Use Certificates Correctly
The UTN server has its own certificate management. This section
explains how certificates are used and when the use of certificates is
recommended.
What Are Certificates?
Certificates can be used in TCP/IP-based networks to encrypt data
and to authenticate communication partners. Certificates are
electronic messages containing a key (public key) and a signature.
Benefits and Purpose
The use of certificates allows for various security mechanisms. Use
certificates in your UTN server
• to check the identity of the UTN server in the network; see:
'Configuring EAP-TLS' on page 98.
• to authenticate the UTN server/client if the administrative access
to the myUTN Control Center is protected via HTTPS (SSL/TLS).
If you want to use certificates, it is advisable to protect the
administrative access to the myUTN Control Center with a password so
that unauthorized persons cannot delete certificates on the UTN
server; see: page 83.
Which Certificates Are Available?
Both self-signed certificates and CA certificates can be used with
the UTN server. The following certificates can be distinguished:
• Upon delivery, a self-signed certificate (the so-called default
certificate) is stored in the UTN server. It is recommended that
you replace the default certificate with a self-signed certificate or
CA certificate as soon as possible.
• Self-signed certificates have a digital signature that has been
created by the UTN server.
• CA certificates are certificates that have been signed by a
certification authority (CA).
• The authenticity of the CA certificate can be verified by means
of a so-called root certificate issued by the certification