Welcome to Part 1 of our mini-blog series where we will be focusing on how to set up different secure communication methods. The first blog in the mini-series will focus on HTTPS for a more secure web access.
Currently, all Cassia BLE gateways and AC have the option to configure HTTPS.
End-users now have the ability to set up HTTPS for the local gateway webpage and the AC to enable a more secure communication when accessing these web pages. HTTPS can also be applied to APIs that go through either the gateway or the AC.
By using SSL/TSL certificates, end-users can rest assured that their data is safeguarded and that no sensitive information is at risk being exposed when accessing various web pages of the gateways and AC. This also ensures secured access to the RESTful APIs associated with them.
Before setting up the HTTPS, end-users will need an SSL/TLS key and certificate. It is recommended to use CA-signed certificates for production. To generate a key and certificate for testing purposes, end-users should use the Linux commands listed below:
openssl genrsa -des3 -out ca.key 2048
openssl req -new -x509 -key ca.key -out ca.crt -days 3650
openssl genrsa -out server.key 2048
openssl req -new -key server.key -out server.csr
openssl x509 -req -days 3650 -in server.csr -CA ca.crt -CAkey ca.key -CAcreateserial -out server.crt
End-users will now have a server.key and server.crt to use for the key and certificate respectfully.
There are two places where HTTPS can be set up: the local gateway webpage and the AC.
The steps and screenshots below outline proper setup and configuration for both the local gateway webpage and AC.
Instructions for the Local Gateway Webpage
- Log in to the local gateway webpage.
2. Go to the Other tab on the top right
3. Scroll down to Gateway Web Security.
4. Toggle on “Enable HTTPS” and select the SSL/TLS Private Key (.key) and Certificate (.crt) files.
5. Click Apply.
Instructions for the Access Controller:
- Log in to the AC.
2. Click on the Settings button on the bottom left corner of the webpage to go to the Settings page.
3. Scroll down to AC Web Security.
4. Copy and paste the certificate and key file contents into the Server Certificate and Server Private Key fields.
5. Click the “Save Setting” button.
The steps outlined above will allow end-users to properly set up HTTPS for both the local gateway webpage and AC.
Stay tuned for part 2 of our mini-series where we will focus on MQTT for AC and gateway communication.
Interested in learning more or need help finding this feature? Contact our support team at firstname.lastname@example.org.