Welcome to the new Schneider Electric Community

It's your place to connect with experts and peers, get continuous support, and share knowledge.

  • Explore the new navigation for even easier access to your community.
  • Bookmark and use our new, easy-to-remember address (community.se.com).
  • Get ready for more content and an improved experience.

Contact SchneiderCommunity.Support@se.com if you have any questions.

Close
Invite a Co-worker
Send a co-worker an invite to the Exchange portal.Just enter their email address and we’ll connect them to register. After joining, they will belong to the same company.
Send Invite Cancel
84257members
353354posts

Is it true that Wildcards and 'standard' format keys cannot be applied to NMC?

APC UPS Data Center & Enterprise Solutions Forum

Schneider Electric support forum for our Data Center and Business Power UPS, UPS Accessories, Software, Services, and associated commercial products designed to share knowledge, installation, and configuration.

Solved
PS123_apc
Crewman
Crewman
0 Likes
7
352

Is it true that Wildcards and 'standard' format keys cannot be applied to NMC?

This was originally posted on APC forums on 9/15/2015


As titled. We would like to be able to apply a company wildcard certificate to an NMC but can see online that this is not supported? Could we get confirmation on this as I came across another forum post on here that mentioned a private tool that could push out wildcard certificates.


Accepted Solutions
PS123_apc
Crewman
Crewman
0 Likes
0
352

Re: Is it true that Wildcards and 'standard' format keys cannot be applied to NMC?

This was originally posted on APC forums on 9/17/2015


Just wanted to let people know... An upgrade of my NMC firmware seems to have fixed this? Not sure why.

See Answer In Context

7 Replies 7
BillP
Administrator Administrator
Administrator
0 Likes
1
351

Re: Is it true that Wildcards and 'standard' format keys cannot be applied to NMC?

This reply was originally posted by Jordan on APC forums on 9/16/2015


As of the release of APC Security Wizard 1.0.5, wildcards are supported.

BillP
Administrator Administrator
Administrator
0 Likes
0
351

Re: Is it true that Wildcards and 'standard' format keys cannot be applied to NMC?

This reply was originally posted by Jordan on APC forums on 9/16/2015


The link below contains the executable for this version of the wizard:

https://schneider-electric.box.com/s/d8ozyclqpps87xyz5x5zayrq20bmqdji

PS123_apc
Crewman
Crewman
0 Likes
0
351

Re: Is it true that Wildcards and 'standard' format keys cannot be applied to NMC?

This was originally posted on APC forums on 9/16/2015


Thanks for that. Downloading it now.

I had already applied a standalone certificate on one of these but am getting trouble with Network Shutdown trusting the certificate. I have added the entire certificate chain in via the java keystore using the commands provided in one of your online guides and have confirmed that I can see all the certificates in the keystore. However I still get the problem. I do not want to instruct Network Shutdown to ignore certificate issues. Do you have any ideas? Not sure if it because the program tries to connect via IP address, instead of the hostname which the certificate is registered to.

Any help would be great...

Terry_Kennedy_apc
Commander
Commander
0 Likes
0
350

Re: Is it true that Wildcards and 'standard' format keys cannot be applied to NMC?

This was originally posted on APC forums on 9/16/2015


The NMC (AP9617/8/9 and embedded NM in products like the AP79xx, AP77xx, etc.) do an auto-rewrite to https://ip-address when SSL is enabled and you access them by name. So you either need to issue individual certificates with the IP address as the CN, or enter https://full-name-of-device in the browser address bar. If you do the second, be aware that you need to specify the domain as well, or you will get a hostname mismatch SSL error in your browser. This is a security feature enforced by your browser, not the NMC.

The NMC2 devices (at least in recent software versions) do not auto-rewrite to the https:// version of the device name, so for those you can specify the hostname (rather than IP address) in the certificate. You still have to specify the address with the full domain name, as above.

PS123_apc
Crewman
Crewman
0 Likes
0
350

Re: Is it true that Wildcards and 'standard' format keys cannot be applied to NMC?

This was originally posted on APC forums on 9/17/2015


Using a browser to connect to the NMC2 works fine and gives me no security warnings. The problem I have is that when adding the NMC2 into Network Shutdown, the communication fails due to a certificate error. This doesnt let me enter a hostname instead of an IP address. Is there a way to enter a hostname or am I doing something else wrong?

PS123_apc
Crewman
Crewman
0 Likes
0
353

Re: Is it true that Wildcards and 'standard' format keys cannot be applied to NMC?

This was originally posted on APC forums on 9/17/2015


Just wanted to let people know... An upgrade of my NMC firmware seems to have fixed this? Not sure why.

jabo35810
Crewman
Crewman
0 Likes
0
205

Re: Is it true that Wildcards and 'standard' format keys cannot be applied to NMC?

where can I download APC Security Wizard 1.0.5? I only see 1.0.4. Thank you in advance.

Tags (1)