
Configuring the SCALANCE IWLAN Controller
Configuring the SCALANCE IWLAN Controller for the First Time
SCALANCE WLC711
User Guide, V8.11, 07/2012, C79000-G8976-C260-03 2-31
If you continue to use the default certificate to secure the SCALANCE IWLAN Controller and
internal Captive Portal page, your Web browser will likely produce security warnings regarding
the security risks of trusting self-signed certificates. To avoid the certificate-related Web browser
security warnings, you can install customized certificates on the SCALANCE IWLAN Controller.
Note:
To avoid the certificate-related Web browser security warnings when accessing the SCALANCE W Wireless
Assistant, you must also import the customized certificates into your Web browser application.
Before Installing a Certificate
Before you create and install a certificate:
1. Select a certificate format to install. The SCALANCE IWLAN Controller supports several
types of certificates, as shown in Table 2-2.
Note:
When generating the PKCS#12 certificate file or PEM/DER certificate and key files, you must
ensure that the interface identified in the certificate corresponds to the SCALANCE IWLAN
Controller’s interface for which the certificate is being installed.
2. Understand how the controller monitors the expiration date of installed certificates.
The SCALANCE IWLAN Controller generates an entry in the events information log as the
certificate expiry date approaches, based on the following schedule: 15, 8, 4, 2, and 1 day prior
to expiration. The log messages cease when the certificate expires. For more information, see
the SCALANCE WLC711 Maintenance Guide.
3. Understand how the controller manages certificates during upgrades and migrations.
Installed certificates will be backed up and restored with the SCALANCE IWLAN Controller
configuration data. Installed certificates will also be migrated during an upgrade and during a
migration.
Installing a Certificate for a SCALANCE IWLAN Controller Interface
You can install a certificate from the Certificates tab available on the Topologies page.
Table 2-2 Supported Certificate and CA Formats
Certificate Format Description
PKCS#12 The PKCS#12 certificate (.pfx) file contains both a certificate and
the corresponding private key.
The SCALANCE IWLAN Controller will accept the PKCS#12 file
as long as the format of the private key and certificate are valid.
PEM/DER The PEM/DER certificate (.crt) file requires a separate PEM/DER
private key (.key) file. The SCALANCE IWLAN Controller uses
OpenSSL PKCS12 command to convert the .crt and .key files into
a single .pfx PKCS#12 certificate file.
The SCALANCE IWLAN Controller will accept the PEM/DER file
as long as the format of the private key and certificate are valid.
PEM-formatted CA public certificate
file
If you choose to install this optional certificate, you must do so
when specifying the PCKCS#12 or PEM/DER certificates.
Kommentare zu diesen Handbüchern