Talk2M VPN certificate updates

Why is a VPN CA update is required?

VPN Certificates are a security best practice within our industry and they always come with a pre-defined expiration date.

The Talk2M Root Certificate Authority, which administers VPN certificates, was updated in January 2017 and has since been providing updated certificates to newly registered devices.

In May 2018 we also added a new feature in Talk2M to automatically update device VPN certificates.

However, there are Cosy, Flexy, and CD products registered prior to January 2017 which have not connected to Talk2M since May 2018. These devices retain an older certificate. This older certificate will expire in December 31st, 2018.

What does this mean?

There are eWON Cosy, Flexy, and CD units in the field with soon-to-be-expired VPN certificates, and so they must be updated

The best way to update these VPN certificates is to bring the unit online with Talk2M.

As soon as they are online, the unit automatically receives the new certificate. This new VPN certificate has an expiry date of 2035.

This process is a part of our ASPU (automatic security patch update) mechanism and does not affect device operation (no reboot!).          

What is the impact? Which devices does this concern?

Devices which are safe and not of concern:

  • Devices registered in Talk2M after January 17th, 2017.
  • Devices registered in Talk2M before January 17th, 2017 and have connected to Talk2M since May 1st, 2018.
  • Unopened / new in the box devices (e.g. at a local warehouse / on the shelf) which have never connected to the Internet / Talk2M.

Devices which are of concern:

  • Devices registered in Talk2M before January 17th, 2017 which have not connected to Talk2M since May 1st, 2018.

These devices need to be brought online before December 31st, 2018 so that the Talk2M Root CA can provide the updated VPN device certificate.

These soon-to-be-expired VPN Certificates cannot have their expiry dates extended.

How can I know if my devices are concerned?

  1. Inside eCatcher, a warning message will be displayed if at least one of your devices requires a certificate update. If the warning message is not displayed, it means that no additional action is required.
  2. In addition to the warning banner, the latest version of eCatcher displays which devices need their certificates updated. These devices are marked with a red triangle icon .

What happens if the devices cannot be brought online by December 31st, 2018?

After December 31st, 2018, it will no longer be possible to automatically update the certificate via Talk2M.

The best way to receive the new certificates after December 31st, 2018, is to establish a local connection with the eWON device, connect the WAN port to the Internet, and re-run the Talk2M wizard. This will ensure a new VPN certificate is provided to the unit.

To accomplish this, only two steps are needed:

Step 1: In eCatcher, retrieve the Activation Key from your Talk2M account

 

 

 Step 2: Connect locally to the eWON and run the Talk2M wizard again.

 

For Cosy (new GUI) – Watch the eLearning video

 

 

 

 

For Flexy (new GUI) – Watch the eLearning video

 

 

 

 

For CD, Cosy and Flexy (old GUI) – Watch the eLearning video

 

 

What if I don’t use the flagged eWON product anymore?

If the red icon is flagging an eWON product that is no longer in use, you can simply delete the eWON from your Talk2M account. You can learn more from our eCatcher online help.