SSL configuration
RecoveryManager Plus supports SSL connection to ensure security of data transferred between the browser and the product server.
Steps to apply SSL certificate
- Navigate to the Admin tab → General Settings → Product Settings → Connection Settings → SSL Certification Tool.
- If you don’t have a SSL certificate, select the Generate Certificate option and follow the steps here.
- If you already have a SSL certificate, select the Apply Certificate option and follow the steps here.
To generate SSL certificate
- In the Common Name field, enter the name of the server.
Example: For the URL https://servername:8558, the common name is servername.
- In the SAN Names field, enter additional hostnames.
- In the Organizational Unit field, enter the name of the department that you want to display in the certificate.
- In the Organization field, enter the legal name of your organization.
- In the City field, enter the name of the city as provided in your organization’s registered address.
- In the State/Province field, enter the name of the state or province as provided in your organization’s registered address.
- In the Country Code field, enter the two letter code of the country where your organization is located.
- In the Password field, enter a password that consists of at least 6 characters to secure the keystore.
- In the Validity (In Days) field, specify the number of days for which the SSL certificate will be considered valid.
Note: When no value is entered, the certificate will be considered to be valid for 90 days.
- In the Public Key Length (In Bits) field, specify the size of the public key. Note: The default value is 2048 bits and its value can only be incremented in multiples of 64.
- After all values have been entered, you can select either of these two options:
- Generate CSR
This method allows you to generate the Certificate Signing Request (CSR) file and submit it to your certificate authority (CA). Using this file, your CA will generate a custom certificate for your server.
- Click Download CSR or manually get it by going to the <Install_dir>\Certificates folder.
- Once you have received the certificate files from your CA, follow the steps listed under To apply an existing SSL Certificate section to apply the SSL certificate.
- Generate & Apply Self-Signed Certificate
This option allows you to create a self-signed certificate and apply it instantly in the product. However, self-signed SSL certificates come with a drawback. Anyone accessing the product secured with a self-signed SSL certificate will be shown a warning telling them that the website is not trusted, which may cause concern.
If you want to go ahead and apply the self-signed certificate, follow the steps given below:
- Click Apply Self-Signed Certificate.
- Once you get the message that SSL certificate has been successfully applied, restart the product for the changes to take effect.
To apply an existing SSL certificate
If you already have a SSL certificate, follow the steps listed below to apply it.
- Select Apply Certificate.
- Choose an Upload Option based on the certificate file type.
- ZIP Upload:
- If your CA has sent you a ZIP file, then select ZIP Upload. Browse and upload the ZIP file.
- If your CA has sent you individual certificate files such as user, intermediary, and root certificates, you can put all these certificate files in a ZIP file and upload it.
- If your certificate's private key is password protected, enter its password in the Private Key Passphrase field.
- Individual Certificates:
- If your CA has sent you just one certificate file (PFX or PEM format), then select Individual Certificates.
- Browse and upload the certificate in the Upload Certificate field.
- Browser and upload the additional certificate files provided by your CA in the Upload CA Bundle field.
- If the uploaded certificate is password protected, enter the password that must be provided to access it in the Certificate Password field.
- Certificate Content:
- If your CA has sent the certificate content, then choose Certificate Content option, and paste the certificate content in the Paste Certificate Content field.
- If your certificate's private key is password protected, enter its password in the Private Key Passphrase field.
Note: Only Triple DES encrypted private keys are currently supported.
- Click Apply.
- Restart the product for the changes to take effect.