Generating a Key and Certificate

Generate the key and certificate required for TLS-encrypted communication on the machine. A self-signed certificate is used for the self-generated key.
For the algorithms of the keys and certificates that can be generated with the machine, see the specifications of the self-generated key and self-signed certificate. Keys and Certificates
 
This section describes how to generate the key and certificate using Remote UI from a computer.
On the control panel, select [ Settings/Registration] in the [Home] screen or other screen, and then select [Management Settings] to generate the key and certificate. [Certificate Settings]
Administrator privileges are required.
1
Log in to Remote UI as an administrator. Starting Remote UI
2
On the Portal page of Remote UI, click [Settings/Registration]. Remote UI Portal Page
3
Click [Device Management] [Key and Certificate Settings].
The [Key and Certificate Settings] screen is displayed.
4
Click [Generate Key] [Network Communication].
The [Generate Network Communication Key] screen is displayed.
5
Enter the name of the key, and select the signature and key algorithms.
Enter the key name using alphanumeric characters.
For the key generation algorithm, select [RSA] or [ECDSA], and select the key length from the pulldown menu. The longer the key length, the better the security, but this slows down communication processing.
6
In [Certificate Settings], set the certificate information.
[Validity Start Date (YYYY/MM/DD)] and [Validity End Date (YYYY/MM/DD)]
Enter the start and end dates of the certificate validity period.
[Country/Region]
Select [Select Country/Region Name], and then select the country or region from the pulldown menu, or select [Enter Internet Country Code], and enter the country code.
[State], [City], [Organization], and [Organization Unit]
Enter the items as needed using alphanumeric characters.
[Common Name]
Enter the name of the certificate subject using alphanumeric characters, as needed. This corresponds to the Common Name (CN).
[Issued To (Alternate Name)]
Enter the IP address or domain to be set for the Subject Alternative Name (SAN), as needed.
If you are not configuring the [Issued To (Alternate Name)] setting, select the [Do Not Set] checkbox.
Only IPv4 addresses can be set in [IP Address].
7
Click [OK].
The generated key and certificate are added to the list of keys and certificates on the [Key and Certificate Settings] screen.
8
Log out from Remote UI.
NOTE
Viewing and Verifying Detailed Information of a Generated Certificate
On the [Key and Certificate Settings] screen, click the key name (or certificate icon) to display the certificate details.
On the certificate details screen, click [Verify Certificate] to verify that the certificate is valid.
When the Key and Certificate Cannot Be Deleted
You cannot delete a key and certificate being used. Disable the function being used, or delete these after switching to another key and certificate.
A0YC-1S0