APC Battery Management System Battery Charger User Manual


 
®
USER’S GUIDE
Battery Management System
121
This method does not include the browser-based authentication
provided by a CA certificate (a certificate signed by a Certificate
Authority) as Methods 2 and 3 provide. There is no CA Certificate
cached in the browser. Therefore, whenever you log on to the
Battery Management System, the browser generates a security
alert, indicating that a certificate signed by a trusted authority is not
available and asking if you want to proceed.
The default server certificate on the Battery Management System
has the Management Card’s serial number in place of a valid
common name (the DNS name or the IP address of the
Management Card). Therefore, although the Battery Management
System can control access to its Web interface by user name,
password, and account type (e.g., Administrator, Device Manager,
or Read-Only User), the browser cannot authenticate what master
controller’s Management Card is sending or receiving data.
The length of the public key (RSA key) that is used for encryption
when setting up an SSL session is only 768 bits. (The public key
used in Methods 2 and 3 is 1024 bits, providing more complex
encryption and consequently a higher level of security.)