How to configure security settings and certificates in RX-RDP and RX300?

How to configure security settings and certificates in RX-RDP and RX300?

Please refer to RX300 & RX-RDP user configuration guide for additional details:  https://support.ncomputing.com/portal/kb/articles/rx300-rx-rdp-user-configuration-guide

The Security settings in RX-RDP and RX300 allow the management of Certification Authority and Client (personal) certificates, which are necessary when setting up Enterprise (802.1x) WiFi network connections.

Supported certificate file formats:

Certificate type

Supported certificate file format

Typical certificate file name extensions

Expected file name extension

Certification Authority (root or intermediate)

Base64-encoded X.509 (PEM)

.cer, .crt, .pem

.pem

Client

PKCS #12

.pfx, .p12

.p12

 

The file name extension of Certification Authority certificate file (like .cer, .crt, .pem, …) actually says nothing about the real internal format of the certificate file. Microsoft Windows uses the .cer file name extension for the Base64-encoded X.509 (PEM) certificates as well as for the binary encoded X.509 (DER) certificate files. Real certificate file format can be quickly determined by opening the certificate file in a text editor, like WordPad. If the file will contain random binary characters then the file is in unsupported binary (DER) format:


If the file will contain nicely formatted ASCII characters only, will start with
‘-----BEGIN CERTIFICATE-----‘ header and end with ‘-----END CERTIFICATE-----‘ footer, then the file is in PEM format and can be added as Certification Authority (root or intermediate CA) certificate to RX300 or RX-RDP thin client device:


Certificate files can be easily converted from DER to PEM format by opening them in Microsoft Windows, clicking the [Copy to file] button on the Details tab, and selecting the Base-64 encoded X.509 format in next step.

The certificate files to be added to the device must be uploaded to a web or FTP server and be accessible through HTTP, HTTPS, or FTP protocol.

Installing Certification Authority certificates

Follow the below steps to add a Certification Authority (root or intermediate CA) certificate:

1.       Make sure that the CA certificate file uploaded to your web or FTP server is in PEM format has the .pem extension. Covert the file from DER to PEM format if necessary and change the file name extension to .pem if it is .cer or .crt.

2.       In the Security section of Setup GUI select the Root and intermediate CA radio-button.

3.       Click the [ + ] button located below the list of installed certificates.

4.       In the Add Certificate dialog box enter the certificate file URL and click the [Add] button.

If a valid certificate file URL was specified the device will confirm a successful certificate download.

Installing Client certificates

Follow the below steps to add a Client (PKCS #12) certificate:

1.       Make sure that the certificate file uploaded to your web or FTP server has the .p12 extension. Change the file name extension to .p12 if it is .pfx.

2.       In the Security section of Setup GUI select the Client (PKCS #12) radio button.

3.       Click the [ + ] button located below the list of installed certificates.

4.       In the Add Certificate dialog box enter the certificate file URL and click the [Add] button.



5.       If a valid certificate URL was specified the device will ask for certificate password. This password is required to open the certificate file and read from it the certificate details.

If correct certificate password was specified the device will confirm a successful certificate download.

Removing certificates

To remove a certificate select a certificate type (CA or Client), select the certificate to be removed on the list, and click the [ - ] button located below the list.



    • Related Articles

    • How to configure security settings and certificates in RX-RDP and RX300?

      lease refer to RX300 & RX-RDP user configuration guide for additional details:  https://support.ncomputing.com/portal/kb/articles/rx300-rx-rdp-user-configuration-guide The Security settings in RX-RDP and RX300 allow the management of Certification ...
    • Configure RDP client as local custom application(s)

      On LEAFOS and RX420(RDP) devices (with firmware version 3.7.3 or higher), the native RDP client can be configured as a local custom application to allow users to access multiple instances of RDP server hosts, or other local applications (e.g. ...
    • RX-RDP with VNC Can Have Issues. Please Refer this Article

      Product Line:  VERDE A customer had the following issue: Using VNC, they accessed their RX-RDP client Once again, via VNC, they logged into the VERDE environment Selected their Win10 image The Image comes up, but the screen is black. Solution:   The ...
    • Using VNC with RX-300 and RX-RDP

      Product Line:  VERDE There is a known limitation with VNC: The ‘/novcast’ custom parameter for the RDP connection allows the customer to VNC-shadow the RDP session, but it disables the vCAST technology, which is the main feature of the SuperRDP ...
    • Accessing the RX-300 and RX-RDP Linux Line Command to Collect the Client Logs

      Product Line:  VERDE On the RX300 device please do the following to collect the logs:   Please open the Setup GUI, go to Peripherals section, select Custom settings and select ‘Native (RDP only)’ redirection for mass storage. Apply the settings. With ...