Replacing the web interface certificate - AP10

Replacing the SSL/TLS certificate of AP10 Access Point Technical Note

Document code
M213168EN
Revision
A
Language
English
Product
AP10
Document type
Technical note
  1. Verify the IP address of the access point from the touchscreen interface.
  2. Open a web browser.
  3. In the address field of the web browser, enter https:// and the IP address of AP10.
    For example: https://192.168.10.47
  4. The default user interface language is English. If you want to use another language for this session, select it from the drop-down menu.
  5. Enter the login information:
    • Username: apadmin
    • Password: ap123456 (default)
  6. Select Log in to access the interface.
  7. Select > Settings > Security > Certificate.
  8. Select Generate to start generating a new Certificate Signing Request (CSR).
  9. Enter the data for the signing request. Each of the fields helps to uniquely identify your organization and the domain names you wish to secure, ensuring the certificate is issued correctly.
    Common Name (CN)

    The fully qualified domain name for which you are requesting the certificate. For example, myserver.corp.com.

    Subject Alternative Names (SAN)

    IP addresses or additional domain names that you want to secure with the same certificate. Each alternative name must be prefixed by the type of the address: IP: for IP addresses and DNS: for domain names. Entries must be separated by a comma ",".

    For example: IP:192.168.0.57,DNS:viewlinc.corp.com

    Organization (O)
    The legal name of your organization.
    Organizational Unit (OU)
    Division or department within the organization making the request.
    Locality or city (L)
    City where your organization is legally located.
    State or Province (ST)
    State or province where your organization is legally located.
    Key Type

    Type of encryption used in the key pair. The options are:

    • EC P-384: Key based on the P-384 elliptic curve (default option).
    • RSA-2048: 2048-bit RSA key.
    Country Code
    2-letter ISO code for the country where your organization is legally located.
  10. Select Generate to generate the CSR. The finalized CSR is shown in a text box.
  11. Select Copy to copy the CSR to the clipboard of your device, and select Close to return to the Certificate page.
  12. Send the CSR to a trusted Certificate Authority (CA) of your choice and have them generate a certificate for you.
  13. When you have the certificate, upload it to AP10:
    The certificate is specific to the AP10 that generated the CSR. AP10 will only accept the uploaded certificate for the latest generated CSR.
    1. On the Settings > Security > Certificate page, select Browse... and locate the certificate file created by the CA.
    2. Select Upload.
    3. AP10 validates the file, and logs you out of the user interface when it changes to the new certificate.
  14. To verify that the new certificate is in use and trusted by your browser, reload the web interface. You should no longer receive the security warning from your browser.