COVID-19 Digi Technical Support Response x

How to install your own signed SSL certificate on DAL router

When you connect to Digi DAL router Web User interface your browser in the address bar warns you that you are visiting an insecure web page.
 
1.png
 
Such browser's behavior depends on the following:
Firstly, the lack of the Digi Certificate Authority certificate in the trusted browser's list.
Secondly, the identity certificate does not show the hostname of the Digi device.
For the proper work of the browser you have to install a custom certificate which is issued for the specific device hostname/IP address and signed by a CA server, which CA root certificate contains in the browser's trusted list.
I will show you an example basing the knowledge base how to do this properly using XCA software.
(In this knowledge base I will show you an example how to do that in a right way with XCA software).
You have to create a CA root certificate which will be placed in the browser's trusted list.

2.png

3.png


4.png
 
Then create an identity certificate of the device and set up an obligatory extension: Subject Alternative Name for the IP address and DNS hostname.
 
5.png
 
Then upload certificate to the DAL device using copy/paste function to the configuration section:
System>Device configuration>Services>Web administration >SSL certificate
 
6.png
 
If you like to connect via a hostname you have to configure a DNS entry on your DNS server for your Digi device.
If in the future you try to be connected to your Digi device via IP address or hostname your browser will not show an alert message in the address bar.
 
 7.png


8.png

 
 
Last updated: Dec 15, 2020

Recently Viewed

No recently viewed articles