Update HTTPS Certificate

To update the controller's HTTPS certificate you must first upload an HTTPS validation file. When that has been validated you can upload the new HTTPS certificate and enter the certificate file password that was created during the export process.

Upload Validation File

Upload HTTPS validation file (*.txt).

Type: System

SubType: HTTPSValidate

http://192.168.1.2/PRT_CTRL_DIN_ISAPI.dll?Command&Type=System&SubType=HTTPSValidate*uploaded_file*

Success Response

OK

The files are uploaded using "multipart/form-data". This means the POST header is Command&Type=System&SubType=HTTPSValidate, which gets encrypted. Then there is a separate section for the actual file itself. The Protege WX DLL receives and decrypts the POST header ( ...HTTPSValidate... ) which triggers it to then request the associated file from the web server's receiving thread. The file itself is sent as raw binary data.

The transfer looks something like this:

POST /PRT_CTRL_DIN_ISAPI.dll?Command&Type=System&SubType=HTTPSValidate HTTP/1.1
Host: 10.0.3.201
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:65.0) Gecko/20100101 Firefox/65.0
Accept: text/plain, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://192.168.1.2/index.htm
X-Requested-With: XMLHttpRequest
Content-Type: multipart/form-data; boundary=---------------------------790876665010
Content-Length: 6915
DNT: 1
Connection: keep-alive
Cookie: SESSID=4D9625289F2629D506220AAF5107243B

-----------------------------790876665010
Content-Disposition: form-data; name="HTTPSValidatefile"; filename="new yourHTTPSValidate.txt"
Content-Type: text/plain

**File data**

Where File data is the file to upload.

Upload Certificate

Type: System

SubType: HTTPSCert

http://192.168.1.2/PRT_CTRL_DIN_ISAPI.dll?Command&Type=System&SubType=HTTPSCert*uploaded_file*

Success Response

OK

The files are uploaded using "multipart/form-data". This means the POST header is Command&Type=System&SubType=HTTPSCert, which gets encrypted. Then there is a separate section for the actual file itself. The Protege WX DLL receives and decrypts the POST header ( ...HTTPSCert... ) which triggers it to then request the associated file from the web server's receiving thread. The file itself is sent as raw binary data.

The transfer looks something like this:

POST /PRT_CTRL_DIN_ISAPI.dll?Command&Type=System&SubType=HTTPSCert HTTP/1.1
Host: 10.0.3.201
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:65.0) Gecko/20100101 Firefox/65.0
Accept: text/plain, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://192.168.1.2/index.htm
X-Requested-With: HTTPSCert
Content-Type: multipart/form-data; boundary=---------------------------790876665010
Content-Length: 6915
DNT: 1
Connection: keep-alive
Cookie: SESSID=4D9625289F2629D506220AAF5107243B

-----------------------------790876665010
Content-Disposition: form-data; name="HTTPSCert"; filename="new yourHTTPSCert.pfx"
Content-Type: text/plain

**File data**

Where File data is the file to upload.

Certificate Password

A password is created by the user to protect the file during the export process.

Type: System

SubType: HTTPSPassForCert

http://192.168.1.2/PRT_CTRL_DIN_ISAPI.dll?Command&Type=System&SubType=HTTPSPassForCert&Password=<Certificate Password>

Success Response

OK

Errors

Command Failed (26) The supplied password could not unlock the certificate.

OpenSSL Comands

Commands to create a key-pair and self-signed certificate, then export it as a *.pfx file (OpenSSL v1.1 or later):

• Create:

  Copy

  openssl req -new -newkey rsa:2048 -x509 -sha256 -subj "/C=[Country code]/CN=[Common name]" -days 365 -out [name].crt -keyout [name].key

• Export:

  Copy

  openssl pkcs12 -export -certpbe PBE-SHA1-3DES -keypbe PBE-SHA1-3DES -nomac -out [name].pfx -inkey [name].key -in [name].crt

Password Character Support