 |
|
 |
|
|
|
| |
EmbeddedSSL
SSL Certificates for Devices
In an ever increasing mobile and interconnected world, accessing everyday devices ranging from media centers and recorders, point of sale equipment, network/wifi/cable routers, NAS vehicle equipment and even kitchen appliancesdevices, and the data they contain has become a necessity.
GlobalSign has made it easier and cheaper than ever for manufactures and value added resellers to provide the peace of mind around security that customers demand.
EmbeddedSSL provides fully verified Certificates, recognized in all popular browsers, for use in these devices. EmbeddedSSL is designed to decrease the in-house development costs associated with the procurement of SSL Certificates and to deliver Certificates in the most streamlined process possible. We allow very rapid development of pilot projects (a matter of days rather than months), eliminating the need to setup your own CA, PKI infrastructure and policies.
|
|
| Main Features of EmbeddedSSL |
| |
|
Why Self Signed Certificates Don't Work
Providing a trusted, self-signed SSL Certificate, is simply not possible anymore. When presented with an un-trusted Certificate browsers display warnings or simply refuse connections. Users are then dangerously conditioned to ignore these warnings and simply "click through". GlobalSign EmbeddedSSL Certificates simply work out of the box.
Save R&D dollars for research and development
The return on your investmenet associated with EmbeddedSSL versus spending precious R&D dollars by setting up and testing in-house CA equipment is tremendous. EmbeddedSSL from GlobalSign requires no upfront costs, you only pay for the SSL Certificates procured. Costs of these Certificates, for strict use on appliances, is a magnitude lower than for general use SSL Certificates. A pilot can be setup for less than $15,000. We also do not require any equipment onsite.
|
How EmbeddedSSL Works
1. Certificates are installed during the manufacturing process
GlobalSign provides a comprehensive API allowing Certificate requests to be processed and issued in large numbers in a matter of seconds. We can generate the request on your behalf, meaning, you will only have to place the resulting Certificate (delivered in PKCS#12 format) in the appropriate place for use by the embedded web server. Certificates can have validity periods of up to five years and are fully verified before issuance.
2. Take advantage of our partnership with AutoSSL
If preferred, GlobalSign has partnered with AutoSSL to provide an option in the web interface where Certificates can be requested during setup of the appliance. Again, this is made as painless as possible and allows you or your customers to request and issue a Certificate in a matter of seconds.
To learn more about AutoSSL and Sericon Technology please visit: www.sericontech.com
| Why Choose GlobalSign? |
 |
Some of the biggest global brands and many Governments choose GlobalSign |
|
We’re easy to do business with. We answer the phone. We listen to you. We do not penalize you for unspent account balances. |
|
We give you a Dedicated Account Manager in your region |
|
We operate Technical Support offices around the world |
|
Optional 24/7/365 Premier Support levels |
|
We’ve been WebTrust for Certification Authorities compliant for 7 years, and operating a trusted digital certificates network for 12 years |
|
|
|
The Process:
|
|
(1) Certificate Management Portal
GlobalSign Certificate Center (GCC) is a SaaS platform which allows service access either through a web based portal or in Napera’s case an automated API. Napera submits an appropriately formatted certificate request (serialnumber.mynapera.com) via an approved API (Application Programming Interface) to GlobalSign. Upon verification of identity utilizing the pre-vetted domain sn.yourdomain.com*, GlobalSign either directly or via the API issues the certificate or sends such certificate to the e-mail address from which the certificate application had originated. Organizationally Vetted Certificates are issued immediately utilizing the pre-vetted domain mynapera.com.
*sn = Serial Number
GlobalSign verifies the submitted information by checking domain ownership or domain right to use and any other information as it sees fit. This may also include checks in third party databases or resources, against standard bodies such as the Internet Engineering Task Force (IETF) or the Internet Corporation for Assigned Names and Numbers (ICANN), and independent verification through telephone.
(2) API Communication
The Application Programming Interface (API) allows for communications between Napera’s manufacturing systems and the GCC to apply for, generate, send, receive and install the Organizationally Validated SSL Certificate onto the N24 and N24S devices.
(3) Sample API Code:
<?php
require_once 'SOAP/Client.php';
$url = 'http://xxx.globalsign.com/services/GasOrder';
$nameSpace = 'http://xxx.globalsign.com';
class Order {
var $client;
var $nameSpace;
function Order($url,$nameSpace) {
$this->client = new SOAP_Client($url);
$this->client->_namespace = $nameSpace;
}
function PVOrder($request) {
$res = $this->client->call('PVOrder',$request,$this->nameSpace);
return $res;
}
}
$rek = new Order($url,$nameSpace);
req['Request']['OrderRequestHeader']['AuthToken']['UserName'] = '';
$req['Request']['OrderRequestHeader']['AuthToken']['Password'] = '';
$req['Request']['OrderParameter']['ProductCode'] = "OV";
$req['Request']['OrderParameter']['OrderKind'] = "new";
$req['Request']['OrderParameter']['Licenses'] = "1";
$req['Request']['OrderParameter']['ValidityPeriod']['Months'] = "12";
$req['Request']['OrderParameter']['CSR'] = "-----BEGIN CERTIFICATE REQUEST-----
xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx
-----END CERTIFICATE REQUEST-----";
$req['Request']['ContactInfo']['FirstName'] = "xxxx";
$req['Request']['ContactInfo']['LastName'] = "yyyy";
$req['Request']['ContactInfo']['Phone'] = "55555";
$req['Request']['ContactInfo']['Email'] = "admin@test.com";
$res = $rek->PVOrder( $req );
print_r($res);
?>
(4) Private Key Returned
The XML Certificate is returned in PKCS#12 foramt
|
|
|
|
|
