Certificates
To meet organization security requirements, you can install a device certificate – signed by the organization's certificate authority (CA) – to each Q-SYS Core and peripheral. CA-signed device certificates allow for trusted connections between Cores, peripherals, and PCs accessing those devices on the network.
Note: Certificates must be PEM-encoded (ASCII, base64).
Prerequisites
- Before proceeding, obtain the contact information for your organization's CA. This is usually someone in the IT department responsible for network security requirements.
- Use Q-SYS Core Manager to install device certificates on Q-SYS Core processors.
Installing a Certificate
To begin, click the Generate CSR tab. Follow one of these procedures, depending on your and the CA's requirements:

Generate a CSR and install a device certificate on a single Q-SYS peripheral.

Generate a CSR for one Q-SYS peripheral and then use it as a template to generate CSRs for additional peripherals.

If required by the CA, upload a CSR template as a starting point for generating the CSR for one or more Q-SYS peripherals.
Removing a Certificate
Only one certificate can be installed at a time. If you need to remove the current certificate and install a new one:
- Click the Device Certificate tab.
- Click Remove Certificate.
- Click Remove and Reboot to confirm.