You are here:

Embedded SSL Certificates>

Contact Sales

Embedded SSL - SSL Certificate for Devices

Automate deployment of trusted SSL Certificates to routers, media and networked devices

In an ever increasing mobile and interconnected world, accessing everyday devices ranging from media centers and recorders, point of sale equipment, network/wifi/cable routers, NAS vehicle equipment and even kitchen appliances devices, and the data they contain has become a necessity.

GlobalSign has made it easier and cheaper than ever for manufactures and value added resellers to provide the peace of mind around security that customers demand. 

EmbeddedSSL provides fully verified Certificates, recognized in all popular browsers, for use in these devices. EmbeddedSSL is designed to decrease the in-house development costs associated with the procurement of SSL Certificates and to deliver Certificates in the most streamlined process possible. We allow very rapid development of pilot projects (a matter of days rather than months), eliminating the need to setup your own CA, PKI infrastructure and policies.


Embedded SSL - Key Features & Benefits:


  • Low impact on Cost of Goods Sold
  • Universal compatibility - all browsers / devices inherently trust GlobalSign SSL
  • Eliminate "Un-trusted Certificate" errors end users get when accessing secured devices with self signed Certificates
  • GlobalSign is the only CA that issues trusted SSL Certificates for devices with special pricing
  • Pilot programs available for a minimal investment
  • Rapid deployment, Certificate issuance within seconds
  • SGC security guarantees strong 128bit to 256bit encryption strength
  • Unlimited reissues / replacements for lifetime of Certificate
  • Issued from a future proof 2048 bit root CA Certificate (meets NIST and CA/B Forum recommendations)

Why Self Signed Certificates Do Not Work
Providing a trusted, self-signed SSL Certificate, is simply not possible anymore. When presented with an untrusted Certificate browsers display warnings or simply refuse connections. Users are then dangerously conditioned to ignore these warnings and simply "click through". GlobalSign Embedded SSL Certificates simply work out of the box.

Save R&D funds for research and development 
The return on your investment associated with Embedded SSL versus spending precious R&D dollars by setting up and testing in-house CA equipment is tremendous. Embedded SSL from GlobalSign requires no upfront costs, you only pay for the SSL Certificates procured. Costs of these Certificates, for strict use on appliances, is a magnitude lower than for general use SSL Certificates. A pilot can be setup for less than $15,000. We also do not require any equipment onsite.

How Embedded SSL Works

1. Certificates are installed during the manufacturing process
GlobalSign provides a comprehensive API allowing Certificate requests to be processed and issued in large numbers in a matter of seconds. We can generate the request on your behalf, meaning, you will only have to place the resulting Certificate (delivered in PKCS#12 format) in the appropriate place for use by the embedded web server. Certificates can have validity periods of up to five years and are fully verified before issuance.

2. Take advantage of our partnership with AutoSSL
If preferred, GlobalSign has partnered with AutoSSL to provide an option in the web interface where Certificates can be requested during setup of the appliance. Again, this is made as painless as possible and allows you or your customers to request and issue a Certificate in a matter of seconds. To learn more about AutoSSL and Sericon Technology please visit: www.sericontech.com


The Embedded SSL Process

Embedded SSL for routers, media centers, devices
  • (1) Certificate Management Portal

    GlobalSign Certificate Center (GCC) is a SaaS platform which allows service access either through a web based portal or in Napera’s case an automated API. Napera submits an appropriately formatted Certificate request (serialnumber.mynapera.com) via an approved API (Application Programming Interface) to GlobalSign. Upon verification of identity utilizing the pre-vetted domain sn.yourdomain.com*, GlobalSign either directly or via the API issues the Certificate or sends such Certificate to the e-mail address from which the Certificate application had originated. Organization validated Certificates are issued immediately utilizing the pre-vetted domain mynapera.com. *sn = Serial Number


    GlobalSign verifies the submitted information by checking domain ownership or domain right to use and any other information as it sees fit. This may also include checks in third party databases or resources, against standard bodies such as the Internet Engineering Task Force (IETF) or the Internet Corporation for Assigned Names and Numbers (ICANN), and independent verification through telephone.

  • (2) API Communication

    The Application Programming Interface (API) allows for communications between Napera’s manufacturing systems and the GCC to apply for, generate, send, receive and install the Organizationally Validated SSL Certificate onto the N24 and N24S devices.

  • (3,4) Sample API Code, Private Key Return

    <?php
       require_once 'SOAP/Client.php';
       $url = 'http://xxx.globalsign.com/services/GasOrder';
       $nameSpace = 'http://xxx.globalsign.com';
        class Order {
          var $client;
          var $nameSpace;
                function Order($url,$nameSpace) {
             $this->client = new SOAP_Client($url);
                 $this->client->_namespace = $nameSpace;
          }
          function PVOrder($request) {
             $res = $this->client->call('PVOrder',$request,$this->nameSpace);
             return $res;
          }
       }
       $rek = new Order($url,$nameSpace);
        req['Request']['OrderRequestHeader']['AuthToken']['UserName'] = '';
      $req['Request']['OrderRequestHeader']['AuthToken']['Password'] = ''; 
       $req['Request']['OrderParameter']['ProductCode'] = "OV";
       $req['Request']['OrderParameter']['OrderKind'] = "new";
       $req['Request']['OrderParameter']['Licenses'] = "1";
       $req['Request']['OrderParameter']['ValidityPeriod']['Months'] = "12";
       $req['Request']['OrderParameter']['CSR'] = "-----BEGIN CERTIFICATE REQUEST-----
    xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx
    -----END CERTIFICATE REQUEST-----";
          $req['Request']['ContactInfo']['FirstName'] = "xxxx";
          $req['Request']['ContactInfo']['LastName'] = "yyyy";
          $req['Request']['ContactInfo']['Phone'] = "55555";
          $req['Request']['ContactInfo']['Email'] = "admin@test.com";
       $res = $rek->PVOrder( $req );  
        print_r($res);  
    ?>

    Private Key Returned
    The XML Certificate is returned in PKCS#12 format

Next Steps:

Embedded SSLResources:

Embedded SSL Case Study:

Products
GlobalSign were able to deliver the platform and EV SSL products that meet our operational and security requirements and have helped make the switch to EV SSL Certificates straightforward Alex New, IT Architect
Virgin Atlantic Read more

Companies who Trust GlobalSign

See More...
Adobe