Help
  • Explore Community
  • Get Started
  • Ask the Community
  • How-To & Best Practices
  • Contact Support
Notifications
Login / Register
Community
Community
Notifications
close
  • Forums
  • Knowledge Center
  • Events & Webinars
  • Ideas
  • Blogs
Help
Help
  • Explore Community
  • Get Started
  • Ask the Community
  • How-To & Best Practices
  • Contact Support
Login / Register
Sustainability
Sustainability

Join our "Ask Me About" community webinar on May 20th at 9 AM CET and 5 PM CET to explore cybersecurity and monitoring for Data Center and edge IT. Learn about market trends, cutting-edge technologies, and best practices from industry experts.
Register and secure your Critical IT infrastructure

Enterprise Certificates And Format

APC UPS Data Center & Enterprise Solutions Forum

Schneider, APC support forum to share knowledge about installation and configuration for Data Center and Business Power UPSs, Accessories, Software, Services.

cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
  • Home
  • Schneider Electric Community
  • APC UPS, Critical Power, Cooling and Racks
  • APC UPS Data Center & Enterprise Solutions Forum
  • Enterprise Certificates And Format
Options
  • Subscribe to RSS Feed
  • Mark Topic as New
  • Mark Topic as Read
  • Float this Topic for Current User
  • Bookmark
  • Subscribe
  • Mute
  • Printer Friendly Page
Invite a Co-worker
Send a co-worker an invite to the portal.Just enter their email address and we'll connect them to register. After joining, they will belong to the same company.
You have entered an invalid email address. Please re-enter the email address.
This co-worker has already been invited to the Exchange portal. Please invite another co-worker.
Please enter email address
Send Invite Cancel
Invitation Sent
Your invitation was sent.Thanks for sharing Exchange with your co-worker.
Send New Invite Close
Top Experts
User Count
BillP
Administrator BillP Administrator
5060
voidstar_apc
Janeway voidstar_apc
196
Erasmus_apc
Sisko Erasmus_apc
112
TheNotoriousKMP_apc
Sisko TheNotoriousKMP_apc
108
View All

Invite a Colleague

Found this content useful? Share it with a Colleague!

Invite a Colleague Invite
Solved Go to Solution
Back to APC UPS Data Center & Enterprise Solutions Forum
Solved
IESSysAdmin
Crewman IESSysAdmin
Crewman

Posted: ‎2025-01-15 06:00 AM

0 Likes
1
198
  • Mark as New
  • Bookmark
  • Subscribe
  • Mute
  • Subscribe to RSS Feed
  • Permalink
  • Print
  • Email to a Friend
  • Report Inappropriate Content

Link copied. Please paste this link to share this article on your social media post.

Posted: ‎2025-01-15 06:00 AM

Enterprise Certificates And Format

I am trying to create a valid certificate for my NMC3 (AP9641). Using the Configuration > Security > SSL Certificates page, I updated my CA certificate as a .cer. The site says it is a valid certificate. I made a web certificate with the HOSTNAME as the CN and the FQDN name for the CN. I updated it to the NMC and it says the certificate is invalid. I removed the Self Signed Certificate for APC and reloaded so it used the issued Web Certificate from the CA. I have the CA installed on my machine. When I go to access the NMC it gives me one of 2 errors. ERR:COMMON_NAME_INVALID or ERR:CA_AUTHORITY_INVALID. The certificate that I can see from the NMC shows the cert from the CA but does not show the CA in the Hierarchy. 

 

Am I missing something when creating the certificate and issuing it or accessing it? I am trying to make it a trusted certificate when accessing the NMC.

  • Tags:
  • english
Reply

Link copied. Please paste this link to share this article on your social media post.

  • All forum topics
  • Previous Topic
  • Next Topic

Accepted Solutions
KarimEissa
Commander KarimEissa Commander
Commander

Posted: ‎2025-02-17 06:55 AM . Last Modified: ‎2025-02-17 06:56 AM

0 Likes
0
122
  • Mark as New
  • Bookmark
  • Subscribe
  • Mute
  • Subscribe to RSS Feed
  • Permalink
  • Print
  • Email to a Friend
  • Report Inappropriate Content

Link copied. Please paste this link to share this article on your social media post.

Posted: ‎2025-02-17 06:55 AM . Last Modified: ‎2025-02-17 06:56 AM

Hello,

 

Use the NMC Security Wizard CLI utility to create a CA certificate and a server certificate (Method 2)
Use the NMC Security Wizard CLI utility to create two digital certificates:
• CA root certificate (Certificate Authority root certificate) that the NMC Security Wizard CLI utility uses to
sign all server certificates and which you then install into the certificate store (cache) of the browser of
each user who needs access to the Management Card or device.
• A server certificate that you upload to the Management Card or device. When the NMC Security Wizard
CLI utility creates a server certificate, it uses the CA root certificate to sign the server certificate.
The Web browser authenticates the Management Card or device sending or requesting data:
• To identify the Management Card or device, the browser uses the Common Name or Subject Alt Name
(IP address or DNS name of the Management Card or device) that was specified in the server
certificate’s distinguished name when the certificate was created.
• To confirm that the server certificate is signed by a “trusted” signing authority, the browser compares the
signature of the server certificate with the signature in the root certificate cached in the browser. An
expiration date confirms whether the server certificate is current.

 

Because the certificates do not have the digital signature of a commercial Certificate Authority, you must load a root certificate individually into the certificate store (cache) of each user’s browser. (Browser manufacturers
already provide root certificates for commercial Certificate Authorities in the certificate store within the browser

 

There are various method to create CA certificates, you can use method 3 as listed in Page 13 in the below link

 

https://download.schneider-electric.com/files?p_Doc_Ref=SPD_CCON-BDYD7K_EN&p_enDocType=Quick+start+g...

 

I had attached some guides that explain the SSL certificates creation 

 

Regards,

 

Karim 

See Answer In Context

Attachments
Reply

Link copied. Please paste this link to share this article on your social media post.

Reply 1
KarimEissa
Commander KarimEissa Commander
Commander

Posted: ‎2025-02-17 06:55 AM . Last Modified: ‎2025-02-17 06:56 AM

0 Likes
0
123
  • Mark as New
  • Bookmark
  • Subscribe
  • Mute
  • Subscribe to RSS Feed
  • Permalink
  • Print
  • Email to a Friend
  • Report Inappropriate Content

Link copied. Please paste this link to share this article on your social media post.

Posted: ‎2025-02-17 06:55 AM . Last Modified: ‎2025-02-17 06:56 AM

Hello,

 

Use the NMC Security Wizard CLI utility to create a CA certificate and a server certificate (Method 2)
Use the NMC Security Wizard CLI utility to create two digital certificates:
• CA root certificate (Certificate Authority root certificate) that the NMC Security Wizard CLI utility uses to
sign all server certificates and which you then install into the certificate store (cache) of the browser of
each user who needs access to the Management Card or device.
• A server certificate that you upload to the Management Card or device. When the NMC Security Wizard
CLI utility creates a server certificate, it uses the CA root certificate to sign the server certificate.
The Web browser authenticates the Management Card or device sending or requesting data:
• To identify the Management Card or device, the browser uses the Common Name or Subject Alt Name
(IP address or DNS name of the Management Card or device) that was specified in the server
certificate’s distinguished name when the certificate was created.
• To confirm that the server certificate is signed by a “trusted” signing authority, the browser compares the
signature of the server certificate with the signature in the root certificate cached in the browser. An
expiration date confirms whether the server certificate is current.

 

Because the certificates do not have the digital signature of a commercial Certificate Authority, you must load a root certificate individually into the certificate store (cache) of each user’s browser. (Browser manufacturers
already provide root certificates for commercial Certificate Authorities in the certificate store within the browser

 

There are various method to create CA certificates, you can use method 3 as listed in Page 13 in the below link

 

https://download.schneider-electric.com/files?p_Doc_Ref=SPD_CCON-BDYD7K_EN&p_enDocType=Quick+start+g...

 

I had attached some guides that explain the SSL certificates creation 

 

Regards,

 

Karim 

Attachments
Reply

Link copied. Please paste this link to share this article on your social media post.

Preview Exit Preview

never-displayed

You must be signed in to add attachments

never-displayed

 
To The Top!

Forums

  • APC UPS Data Center Backup Solutions
  • EcoStruxure IT
  • EcoStruxure Geo SCADA Expert
  • Metering & Power Quality
  • Schneider Electric Wiser

Knowledge Center

Events & webinars

Ideas

Blogs

Get Started

  • Ask the Community
  • Community Guidelines
  • Community User Guide
  • How-To & Best Practice
  • Experts Leaderboard
  • Contact Support
Brand-Logo
Subscribing is a smart move!
You can subscribe to this board after you log in or create your free account.
Forum-Icon

Create your free account or log in to subscribe to the board - and gain access to more than 10,000+ support articles along with insights from experts and peers.

Register today for FREE

Register Now

Already have an account? Login

Terms & Conditions Privacy Notice Change your Cookie Settings © 2025 Schneider Electric

This is a heading

With achievable small steps, users progress and continually feel satisfaction in task accomplishment.

Usetiful Onboarding Checklist remembers the progress of every user, allowing them to take bite-sized journeys and continue where they left.

of