59
edits
Administration: Difference between revisions
→SSL certificate
No edit summary |
Tom.Wegener (talk | contribs) |
||
| Line 33: | Line 33: | ||
When there are saved configuration available, any of them can be selected and load onto the system again. It is also possible to delete the configuration. | When there are saved configuration available, any of them can be selected and load onto the system again. It is also possible to delete the configuration. | ||
=== SSL certificate === | === TLS/SSL certificate === | ||
The appliance comes with a pre-installed generic | The appliance comes with a pre-installed generic TLS certificate but an own certificate can be installed or downloaded from a Certificate Authority. | ||
The | You are able to choose between three modes: | ||
* Default Mode: The default certificates the appliance got shipped with will be used. | |||
* ACME-Mode: The Certificates will be downloaded from the specified Certificate Authority | |||
* File-Mode: You are able to upload a X.509 certificate file and a RSA key file. Upon successful upload, this certificate will be used to serve the user interface. | |||
The Default Mode is always the fallback if the process does not work. | |||
The '''Reset to default SSL certificate''' button will remove any user-provided SSL certificate and the user interface will be served using the default SSL certificate. | The '''Reset to default SSL certificate''' button will remove any user-provided SSL certificate and the user interface will be served using the default SSL certificate. | ||
=== Certificate Authority === | |||
Some features also connect to external SSL services, for instance when sending email notifications via SMTP or when searching for [[Firmware update|firmware updates]]. Usually these SSL connections are verified with the builtin CA certificate pool. It is also possible to upload one or many own CA certificates which are used additionally to the system ones. | Some features also connect to external SSL services, for instance when sending email notifications via SMTP or when searching for [[Firmware update|firmware updates]]. Usually these SSL connections are verified with the builtin CA certificate pool. It is also possible to upload one or many own CA certificates which are used additionally to the system ones. | ||
The button "Install SSL CA certificates" opens a dialog where the file can be selected and uploaded. This file must contain certificates in the PEM format. It may contain multiple certificates. Uploading new certificates will replace the existing ones. The button "Remove SSL CA certificates" will delete the previously installed custom CA certificates so that only the system CA pool is used again for certificate verification. | The button "Install SSL CA certificates" opens a dialog where the file can be selected and uploaded. This file must contain certificates in the PEM format. It may contain multiple certificates. Uploading new certificates will replace the existing ones. The button "Remove SSL CA certificates" will delete the previously installed custom CA certificates so that only the system CA pool is used again for certificate verification. | ||