================================================================================
Funkwerk Enterprise Communications GmbH 19.07.2005
www.funkwerk-ec.com SSL Notes
Certificates for artem ComPoint, artem Wx000, and funkwerk Wx002
================================================================================
Secure Web (https) and Certificates
===================================
When connecting to a secure web server, the first step is to validate
its identity. In practice, this means to check if the web server one is
talking to is really the one expected and not a fake device or some other
somewhere in the middle.
One main attribute to check is the hostname or IP address.
This check is done by the use of certificates. A certificate is a
cryptographically signed identity card containing, amongst other things,
the hostname or IP address as "Common Name (CN)".
To verify this certificate is authentic, it has to be signed by a trusted party,
a so-called certificate authority. Certificates of many well-known CAs are
pre-installed in all modern web browers.
As the ComPoint/Wx00y does not have a fixed address, especially when using DHCP,
there cannot be one static certificate signed by an official CA.
Therefore the devices' own certificate is generated dynamically in the device
anytime the IP changes. This certificate is signed by the built-in certificate
authority "artem ACE rootCA".
To the user, this provides the following advantages:
- He can be assured that he is always talking to a ComPoint,
and more specific, to the ComPoint with the IP he expected.
- The browser won't complain about an incorrect certify chain,
as it is perfectly valid.
- The https connection is as safe as any other secure web connection.
To achieve this, the user has to install the "artem ACE rootCA" certificate
on his system or web browser once. After this, all connections to any ComPoint
will behave as if every single ComPoint would have a static certificate issued
by an official certificate authority.
If this step is missing, the browser will complain about a certificate signed
by an unknown certificate authority.
The "artem ACE rootCA" certificate may be installed either
online on the ComPoint's web server login page using the link
"Install certificate for Secure Web (https) access"
or may be installed offline using the file
"artem_ACE_rootCA.crt" in this folder.
The installation dialog will ask to verify the fingerprints, which have to be
MD5: 6E:5E:99:43:02:3D:58:B3:34:CC:E9:4F:CA:ED:26:BC
SHA1: 74:F7:CD:7B:14:4F:3C:B6:4F:C8:5A:9B:CD:8D:CD:CE:D1:26:83:54
The offline installation depends on the operating system and the browser:
- Windows XP / Internet Explorer 6:
Open the file "artem_ACE_rootCA.crt" and click on "Install Certificate".
After this, the certificate can be found under
"System Control / Internet Options / Content / Certificates".
- Windows, Unix / Opera 8:
Open the file "artem_ACE_rootCA.crt" and click on "Import All".
After this, the certificate can be found under
"Preferences / Advanced / Security / Manage certificates".
- Windows, Unix / Mozilla
Open the file "artem_ACE_rootCA.crt" and select on "Trust CA
to identify web sites".
After this, the certificate can be found under
"Preferences / Privacy / Certificates / Manage Certificates / Authorities".
- Windows, Unix / Galeon
Open the file "artem_ACE_rootCA.crt" and click on "Trust CA".
After this, the certificate can be found under
"Preferences / Privacy / Manage Certificates / Authorities".
- Windows, Unix / Firefox
Open the file "artem_ACE_rootCA.crt" and click on "Trust CA".
After this, the certificate can be found under
"Preferences / Advanced / Certificates / Manage Certificates / Authorities".
- Unix / Konqueror (KDE)
Open the file "artem_ACE_rootCA.crt" and click on "Install".
After this, the certificate can be found under
"KDE Control Center / Security / Crypto / SSL Signers".
--------------------------------------------------------------------------------
If you encounter any problems when installing or using this
product, or would like information about our other
artem products, please don't hesitate to contact us.
* E-Mail (Hotline): hotline@funkwerk-ec.com
* E-Mail (Service): info@funkwerk-ec.com
* Phone (Service): +49-180-300 91 91-0
* Phone (Hotline): +49-180 300 91 91-550
================================================================================
Download Driver Pack
After your driver has been downloaded, follow these simple steps to install it.
Expand the archive file (if the download file is in zip or rar format).
If the expanded file has an .exe extension, double click it and follow the installation instructions.
Otherwise, open Device Manager by right-clicking the Start menu and selecting Device Manager.
Find the device and model you want to update in the device list.
Double-click on it to open the Properties dialog box.
From the Properties dialog box, select the Driver tab.
Click the Update Driver button, then follow the instructions.
Very important: You must reboot your system to ensure that any driver updates have taken effect.
For more help, visit our Driver Support section for step-by-step videos on how to install drivers for every file type.