59
edits
Administration: Difference between revisions
improve description of uploaded certificates
Tom.Wegener (talk | contribs) (fixed the version number for hsts (4.1.1 as minimal to 4.2)) |
Tom.Wegener (talk | contribs) (improve description of uploaded certificates) |
||
| Line 53: | Line 53: | ||
The appliance comes with a pre-installed generic TLS certificate but a custom certificate can be uploaded, generated (since 3.6) or downloaded from a Certificate Authority (since 3.6). | The appliance comes with a pre-installed generic TLS certificate but a custom certificate can be uploaded, generated (since 3.6) or downloaded from a Certificate Authority (since 3.6). | ||
Depending on your firmware-version there are two to four possibilities | Depending on your firmware-version there are two to four possibilities. | ||
==== Since 3.6: ==== | ==== Since 3.6: ==== | ||
| Line 65: | Line 59: | ||
* Legacy: The default certificates the appliance got shipped with will be used if the appliance got shipped with an older firmware than 3.6. You won't be able to switch back to this option and it will be hidden if it is not selected. | * Legacy: The default certificates the appliance got shipped with will be used if the appliance got shipped with an older firmware than 3.6. You won't be able to switch back to this option and it will be hidden if it is not selected. | ||
* ACME: The Certificates will be downloaded from the specified Certificate Authority | * ACME: The Certificates will be downloaded from the specified Certificate Authority | ||
* Upload: You are able to upload a X.509 certificate file and a key file. Upon successful upload, this certificate will be used to serve the user interface. | * Upload: You are able to upload a X.509 certificate file and a (unencrypted) key file in the .pem-file format. Upon successful upload, this certificate will be used to serve the user interface. | ||
* Self-Signed: Self-Signed: Generate self-signed certificates with a custom host-name. They will be valid for 10 years and replace the legacy certificates for devices shipped with firmware version 3.6 or later. | * Self-Signed: Self-Signed: Generate self-signed certificates with a custom host-name. They will be valid for 10 years and replace the legacy certificates for devices shipped with firmware version 3.6 or later. | ||
The Default Mode is always the fall-back if the process does not work. | The Default Mode is always the fall-back if the process does not work. | ||
The '''Reset to default SSL certificate''' button will remove any user-provided SSL certificate and the user interface will be served using the default SSL certificate. | The '''Reset to default SSL certificate''' button will remove any user-provided SSL certificate and the user interface will be served using the default SSL certificate. | ||
==== Before 3.6: ==== | |||
There are two options: | |||
* You are able to use the certificates the appliance got delivered with. (You are able to reset to that with the Reset-Button) | |||
* You are able to upload a X.509 certificate file and a key file. Upon successful upload, this certificate will be used to serve the user interface. | |||
==== Since 4.2: ==== | ==== Since 4.2: ==== | ||