Adding a Private Key and Certificate to MAP Gateway - Facility Explorer - Metasys - LIT-12012015 - TL-MAP1810-0Px - TL-MAP1810-0Sx - Gateway/Router - MAP Gateway - 5.0

Mobile Access Portal Gateway Network and IT Guidance Technical Bulletin

Brand
Facility Explorer
Metasys
Product name
MAP Gateway
Document type
Technical Bulletin
Document number
LIT-12012015
Version
5.0
Revision date
2018-05-01
Language
English

Before you begin

This process describes how to add the private key and certificate to your MAP Gateway.
Note: To prevent the possibility of a man-in-the-middle attack, we strongly recommend that you use an Ethernet crossover cable to directly connect the MAP Gateway to your computer when transferring keys to the MAP Gateway.

Procedure

  1. Connect to MAP Gateway through an Ethernet crossover cable. The direct connection helps prevent man-in-the-middle type attacks when adding security keys and certificates.
  2. Log in to your MAP Gateway UI by opening your web browser and entering www.mapgwy.com . You must be logged in as an administrator to perform these tasks.
    Note: If your computer does not connect to the MAP Gateway UI, disconnect any other network connections, LAN or wireless, and try again. If your computer is connected to another network, it might not redirect to the MAP Gateway UI when you enter www.mapgwy.com .
    Figure 1. MAP Gateway UI Device List

  3. Click Settings and select SSL.
    Figure 2. MAP Gateway SSL Screen

  4. Navigate to the location of the private key file (***.pem) that you created for your site. Right-click the file and select Open with, and then select Notepad.
  5. Select all the text and copy the entire file. Paste this file as a plain text file in the Private Key box of your MAP Gateway SSL settings Private Key box.
  6. Navigate to the location of the security certificate (***.crt) that you created for your site. Right-click the file and select Open with, then select Notepad.
  7. Copy the entire file. Paste this file as a plain text file in the New Certificate box of your MAP Gateway SSL settings Private Key box and click Save. A reset warning screen appears.
  8. To apply the new certificate and private key, the MAP Gateway web server must restart. Click OK. The fault light flashes (for 5 seconds), and then turns off (the rest of the lights continue to function normally). The MAP Gateway goes offline while restarting and displays the Device Resetting Screen.
    Note: When an SSL key or certificate is very corrupted, the SSL page detects it and alerts you to the corrupted key or certificate.

    However, if the corruption is minor, for example an extra space was copied while installing the certificate or a character was missed, the UI does not detect the problem and allows the corrupted key or certificate to be saved. The server detects the error and returns the Error Saving SSL Settings message. While this properly prevents the bad key or certificate from being used, it does not inform you as to the source of the problem.

    In this case you need to recopy and reinstall the SSL Key or Certificate.

    Figure 3. Reset Warning Screen

  9. When the connection is reestablished, log in to MAP Gateway and use normally.
    Figure 4. Device Resetting Screen