Download PDF
Download page Cloud Gateway Options.
Cloud Gateway Options
Menu path: UMS Administration > Global Configuration > IGEL Cloud Gateway
Here you can create and manage ICG certificates and first-authentication keys for connecting devices via IGEL Cloud Gateway (ICG).
For details of how to set up all components for a connection to the ICG, read Installation and Setup.
Certificates
Generate root certificate | |
Import root certificate | |
Generate signed certificate | |
Delete certificate | |
Export certificate chain in the IGEL Cloud Gateway Keystore format | |
Show content of the certificate | |
Navigate to ICG instance view |
Generate root certificate
- Displayname: Name in the root certificate (common name, CN).
- Your organization: Organization, company, government agency.
- Your city or district: The location of the organization.
- Your two-letter country code: ISO 3166 country code, e.g. DE for Germany.
- Valid until: Local date on which the certificate expires. (Default: in 10 years)
Import root certificate
- The file selection window opens, allowing you to select the certificate file which must be in the PEM format.
Generate a signed certificate
Name: Name in the certificate (common name, CN).
- Your first name and surname: Name of the certificate holder.
- Your organization: Organization, company, government agency.
Your city or district: The location of the organization.
The name in a signed certificate must be different from the one in the root certificate with which it is signed. UMS provides a warning in this case:
- Your country code (two letters): ISO 3166 country code, e.g. DE for Germany.
- Host name and/or IP of the target server for the certificate: Host name(s) and IP address(es) for which the certificate is valid. Multiple entries should be separated by a semicolon. To generate a wildcard certificate, use the asterisk, e.g. *.example.com.
- Valid until: Local date on which the certificate expires. (Default: in a year)
- Certificate type
Possible options:
- CA Certificate: The certificate can be used to sign other certificates, but it can not be used by the ICG.
- End Entity: The certificate can be used by the ICG, but it can not be used to sign other certificates.
Context menu (root certificate)
- Generate signed certificate: Collects certificate data and signs them with the selected root certificate.
- Import signed certificate: Imports a certificate in PEM format that was already signed outside the UMS by the imported CA.
Import decrypted private key: Imports a private key file.
If the private key is protected with a passphrase, you must decrypt it on the command line with OpenSSL before importing it:openssl rsa -in encrypted.key -out decrypted.key
- Delete certificate: Deletes the certificate from the UMS.
- Export certificate chain in the IGEL Cloud Gateway Keystore format: Produces a file for ICG installation program.
- Export certificate: Exports certificate file in the PEM format.
- Show content of the certificate: Shows the content of the certificate in a text window.
First-authentication Keys
Create new one-time passwords | |
Delete logon data | |
Disable logon data | |
Enable logon data | |
Send one-time passwords via mail | |
Export one-time passwords (in XML, HTML or CSV format) | |
Allows you to copy one-time passwords to the clipboard |
Create new first-authentication keys
You have the following options here:
- Create new one-time keys
- Quantity: Desired number of passwords to be created
- Create new one-time passwords associated with a device
- Unit ID
- Add: Adds unit ID entered in the text field to the list.
- Select: Selects from the devices in the UMS structure tree.
- Import: Reads in a CSV file with unit IDs.
- Unit ID
- Create new mass-deployment key
- Generate random mass-deployment key:
A random multiple-time password will be generated. (Default)
You can enter the desired password yourself.
- Generate random mass-deployment key: