®
USER’S GUIDE
Battery Management System
124
Method 3: Use the APC Security Wizard to create a certificate-signing
request to be signed by the root certificate of an external Certificate
Authority and to create a server certificate.
You use the APC Security
Wizard to create a request (a .csr file) to send to a Certificate Authority. The
Certificate Authority returns a signed certificate (a .crt file) based on
information you submitted in your request. You then use the APC Security
Wizard to create a server certificate (a .p15 file) that includes the signature
from the root certificate returned by the Certificate Authority. You upload the
server certificate to the Management Card in the Battery Management
System master controller.
This method has the following advantages and disadvantages.
• Advantages:
– Before they are transmitted, the user name and password for
Management Card access and all data to and from the Management
Card are encrypted.
– You have the benefit of authentication by a Certificate Authority that
already has a signed root certificate in the certificate cache of the
browser. (The CA certificates of commercial Certificate Authorities
are distributed as part of the browser software, and a Certificate
Authority of your own company or agency has probably already
loaded its CA certificate to the browser store of each user’s
browser.) Therefore, you do not have to upload a root certificate to
the browser of each user who needs access to the Battery
Management System.
– The length of the public key (RSA key) that is used for setting up an
SSL session is 1024 bits, providing more complex encryption and
You can also use Method 3 if your company or agency
operates its own Certificate Authority. Use the APC Security
Wizard in the same way, but use your own Certificate
Authority in place of a commercial Certificate Authority.