Administration: Difference between revisions

Jump to navigation Jump to search

Administration (view source)

Revision as of 16:02, 19 July 2022

195 bytes added ,  19 July 2022
add new 3.6 functionality for ca-certs
(Update the ssl/tls-description to the options we brought in with 3.6)
(add new 3.6 functionality for ca-certs)
Line 50: Line 50:
* ACME: The Certificates will be downloaded from the specified Certificate Authority
* ACME: The Certificates will be downloaded from the specified Certificate Authority
* Upload: You are able to upload a X.509 certificate file and a key file. Upon successful upload, this certificate will be used to serve the user interface.
* Upload: You are able to upload a X.509 certificate file and a key file. Upon successful upload, this certificate will be used to serve the user interface.
* Self-Signed: Self-Signed: Generate self-signed certificates with a custom hostname. They will be valid for 10 years and replace the legacy certificates for devices shipped with firmware version 3.6 or later.
* Self-Signed: Self-Signed: Generate self-signed certificates with a custom host-name. They will be valid for 10 years and replace the legacy certificates for devices shipped with firmware version 3.6 or later.
The Default Mode is always the fallback if the process does not work.
The Default Mode is always the fall-back if the process does not work.
The '''Reset to default SSL certificate''' button will remove any user-provided SSL certificate and the user interface will be served using the default SSL certificate.
The '''Reset to default SSL certificate''' button will remove any user-provided SSL certificate and the user interface will be served using the default SSL certificate.


=== Certificate Authority ===
=== Certificate Authority ===


Some features also connect to external SSL services, for instance when sending email notifications via SMTP or when searching for [[Firmware update|firmware updates]]. Usually these SSL connections are verified with the builtin CA certificate pool. It is also possible to upload one or many own CA certificates which are used additionally to the system ones.
Some features also connect to external SSL services, for instance when sending email notifications via SMTP or when searching for [[Firmware update|firmware updates]]. Usually these SSL connections are verified with the built-in CA certificate pool. It is also possible to upload one or many own CA certificates which are used additionally to the system ones.


The button "Install SSL CA certificates" opens a dialog where the file can be selected and uploaded. This file must contain certificates in the PEM format. It may contain multiple certificates. Uploading new certificates will replace the existing ones. The button "Remove SSL CA certificates" will delete the previously installed custom CA certificates so that only  the system CA pool is used again for certificate verification.
The button "Install SSL CA certificates" opens a dialoug where the file can be selected and uploaded. This file must contain certificates in the PEM format. It may contain multiple certificates.  
 
Before version 3.6 uploading new certificates will replace the existing ones. The button "Remove SSL CA certificates" will delete the previously installed custom CA certificates so that only  the system CA pool is used again for certificate verification.
 
With version 3.6 uploading a new certificate adds to the old one. You can delete all by pressing the "Remove all CA certificates" and also remove separate certificates.
Tom.Wegener
59

edits

Retrieved from "https://allegro-packets.com/wiki/Special:MobileDiff/4028"

Navigation menu