TLS Certificate Criteria for CyberKey Air2
A TLS certificate (sometimes called by its older name 'SSL certificate') is part of the HTTPS protocol that ensures secure web communications. CyberAudit-Web supports HTTPS both for browsers and communicators. CyberKey Air2 has specific requirements for its TLS certificate which are as follows:
| The Common Name in the server's certificate must match the host-name in the CyberAudit-Web server URL used by the CyberKey Air2. For example, if the certificate common name is "pilot.cyberauditweb.com" you cannot tell the Air2 to connect via an IP address or some other DNS alias. |
|
| The Signature algorithm must be one of: SHA256 RSA, SHA384 RSA, SHA512 RSA. SHA256 requires at least 1-2 seconds less connection time than SHA384 or SHA512. |
|
| Validity dates (Not Before, Not After) must be within bounds and both the server and key clocks must be within these bounds. |
|
| The Public key algorithm must be RSA. |
|
| The Public key size cannot exceed 2048 bits. |
|
The authority which signed the server's certificate must also adhere to the same criteria. The ultimate root authority is not important to the Air2.
