AltoCommand requires authenticated access to devices to be able to perform write operations to the device, including firmware upgrades and certain configuration tasks such as automated rebeamforming. To provide authenticated access, AltoCommand needs to install client certificates to have SSL-based authentication to AltoPlex devices.
To install a certificate on the device, AltoCommand requires write access to the device. If you have changed device’s password, you will be asked to provide the password. The password is needed for one-time access to install the certificate, and is not stored on AltoCommand.
For information about backing up AltoCommand certificates, see Back up and restore AltoCommand certificate files.
-
Open the AltoCommand WebUI:
In your browser's address bar, type:
https://hostname
where hostname is the fully qualified domain name of the AltoCommand server.
-
Log into the WebUI as a user with admin privileges.
The default username is admin
The default password is admin
- Click Settings > Site Devices.
- In the list of devices, under Certificate, an icon indicates the current certificate status.
- For devices that have not yet been authenticated, click the
icon in the Certificate column next to the device.
AltoCommand will install a certificate on the device. When the certificate installation is complete, the icon will change to a check mark (
).
Certificate-related icons and remediation tasks
Various icons may appear in the Certificate column:
| Icon | Meaning | Remediation |
 |
Authentication is successful. | |
 |
Authentication has not been performed. | Click the icon to begin the authentication process. |
 |
Authentication failed. | Click the icon and select Try again. |
 |
Authentication is in an unknown state. | This could be the result of a device being offline or unreachable. |
 |
Device is already authenticated with another instance of AltoCommand. | Click the icon to reauthenticate on this instance of AltoCommand. |
Delete an existing client certificate
Generally, it shouldn't be necessary to delete existing client certificates. For example, if a devices is moved from one instance of AltoCommand to another, simply click the Reauthenticate icon
() to reauthenticate the device on the new instance of AltoCommand.
If you do need to delete the client certificate, do one of the following:
- Factory reset the device. See device documentation for instructions.
- Use the install_client_ca_certificate?reset=true REST API, for example:
$ curl -k -u admin:admin \
https://server_name/rest/v002/security/install_client_ca_certificate?reset=true \
-X POST \
-d ""
Where server_name is the IP address or hostname.local (KB-XX-XX-XX.local) of the device.