CTERA Portal Datacenter Edition

Similar documents
CTERA Portal Datacenter Edition

mailtunnel Quick Guide ENCRYPTED TUNNEL COMENDO DATA CENTER SECURITY CENTER SPAM+VIRUS LOGS

App Orchestration 2.5

App Orchestration 2.0

Installing an SSL Certificate Provided by a Certificate Authority (CA) on the vwlan Appliance

Secure IIS Web Server with SSL

How To Install Ctera Agent On A Pc Or Macbook With Acedo (Windows) On A Macbook Or Macintosh (Windows Xp) On An Ubuntu (Windows 7) On Pc Or Ipad

This section includes troubleshooting topics about certificates.

SSL Certificates and Bomgar

Certificate technology on Pulse Secure Access

Cox Managed CPE Services. RADIUS Authentication for AnyConnect VPN Version 1.3 [Draft]

F-Secure Messaging Security Gateway. Deployment Guide

Introduction SSL-VPN. Creating and Installing Digital Certificates on SonicWALL SSL-VPN Appliances

TechNote. Contents. Overview. Using a Windows Enterprise Root CA with DPI-SSL. Network Security

Certificate technology on Junos Pulse Secure Access

Renewing an SSL Certificate Provided by a Certificate Authority (CA) on the vwlan Appliance

WHITE PAPER Citrix Secure Gateway Startup Guide

SWITCHBOARD SECURITY

Creating and Issuing the Workstation Authentication Certificate Template on the Certification Authority

Installing and Configuring vcloud Connector

Cloud Attached Storage

Installing an SSL Certificate Provided by a Certificate Authority (CA) on the BlueSecure Controller (BSC)

Scenarios for Setting Up SSL Certificates for View

Customer Tips. Xerox Network Scanning HTTP/HTTPS Configuration using Microsoft IIS. for the user. Purpose. Background

Securing Microsoft Exchange 2010 With VeriSign Authentication Services

Securing Microsoft Exchange 2010 with Symantec SSL Certificates

ADFS Integration Guidelines

Microsoft Exchange 2010 and 2007

Using Internet or Windows Explorer to Upload Your Site

Browser-based Support Console

Configuring Digital Certificates

Citrix XenServer Workload Balancing Quick Start. Published February Edition

Using a custom certificate for SSL inspection

SSL Management Reference

CTERA Agent File Sync and Share for Mac

Appendix E. Captioning Manager system requirements. Installing the Captioning Manager

Generating an Apple Push Notification Service Certificate for use with GO!Enterprise MDM. This guide provides information on...

Securing Microsoft Exchange 2010 WITH THAWTE SSL CERTIFICATES

Security Certificate Configuration for IM and Presence Service

Exchange 2010 PKI Configuration Guide

How To Enable A Websphere To Communicate With Ssl On An Ipad From Aaya One X Portal On A Pc Or Macbook Or Ipad (For Acedo) On A Network With A Password Protected (

Install an SSL Certificate onto SilverStream. Sender Recipient Attached FIles Pages Date. Development Internal/External None 5 6/16/08

Millennium Drive. Installation Guide

Using Protection Engine for Cloud Services for URL Filtering, Malware Protection and Proxy Integration Hands-On Lab

ECA IIS Instructions. January 2005

Backing Up and Restoring Microsoft Hyper-V Server Virtual Machines. Cloud Attached Storage. February 2014 Version 4.0

CHAPTER 7 SSL CONFIGURATION AND TESTING

Cisco ISE and Certificates. How to Implement Cisco ISE and Server Side Certificates

Migrating Your Windows File Server to a CTERA Cloud Gateway. Cloud Attached Storage. February 2015 Version 4.1

SSL Decryption Certificates

Unifying Information Security. Implementing TLS on the CLEARSWIFT SECURE Gateway

Managing Software and Configurations

Lab 1: Windows Azure Virtual Machines

Configuration Guide BES12. Version 12.2

CTERA Cloud Onramp for IBM Tivoli Storage Manager

Copyright 2012 Trend Micro Incorporated. All rights reserved.

APNS Certificate generating and installation

Guide for Generating. Apple Push Notification Service Certificate

Workspot Configuration Guide for the Cisco Adaptive Security Appliance

Configuration Guide. BES12 Cloud

Generating SSH Keys and SSL Certificates for ROS and ROX Using Windows AN22

Cloud Attached Storage

Microsoft OCS with IPC-R: SIP (M)TLS Trunking. directpacket Product Supplement

Clientless SSL VPN Users

Generating an Apple Push Notification Service Certificate for use with GO!Enterprise MDM. This guide provides information on...

Acano solution. Certificate Guidelines R1.7. for Single Combined Acano Server Deployments. December H

Run Archive Server for MDaemon in HTTPS

Setting Up SSL on IIS6 for MEGA Advisor

Network-Enabled Devices, AOS v.5.x.x. Content and Purpose of This Guide...1 User Management...2 Types of user accounts2

Configuration Guide BES12. Version 12.1

HP Device Manager 4.7

QMX ios MDM Pre-Requisites and Installation Guide

CTERA Agent for Mac OS-X

BlackBerry Enterprise Service 10. Version: Configuration Guide

How to Configure NetScaler Gateway 10.5 to use with StoreFront 2.6 and XenDesktop 7.6.

Dell One Identity Cloud Access Manager How to Configure Microsoft Office 365

SETUP SSL IN SHAREPOINT 2013 (USING SELF-SIGNED CERTIFICATE)

IIS 6.0SSL Certificate Deployment Guide

How to Obtain an APNs Certificate for CA MDM

Chapter 7 Managing Users, Authentication, and Certificates

Certificates for computers, Web servers, and Web browser users

How To Configure SSL VPN in Cyberoam

REQUIREMENTS AND INSTALLATION OF THE NEFSIS DEDICATED SERVER

CTERA Portal Datacenter Edition

Getting Started Guide: Deploying Puppet Enterprise in Microsoft Azure

Configuring Secure Socket Layer (SSL) for use with BPM 7.5.x

Parallels Panel. Parallels Small Business Panel 10.2: User's Guide. Revision 1.0

CTERA Agent Sync Edition for Windows

Using Microsoft s CA Server with SonicWALL Devices

User's Guide. Product Version: Publication Date: 7/25/2011

Intel vpro Technology. How To Purchase and Install Symantec* Certificates for Intel AMT Remote Setup and Configuration

VMware Identity Manager Connector Installation and Configuration

Setting Up Resources in VMware Identity Manager

Archiving Full Resolution Images

USING SSL/TLS WITH TERMINAL EMULATION

Active Directory integration with CloudByte ElastiStor

All rights reserved. Trademarks

SSL Installing your new Certificate

Transcription:

Installing a Security Certificate on the CTERA Portal CTERA Portal Datacenter Edition Aug 2013 Versions 3.2, 4.0 2013, CTERA Networks. All rights reserved.

1 Introduction Certificates are used as part of the Transport Level Security (TLS) protocol. They enable users' Web browsers, CTERA appliances, and CTERA Agents to verify that the CTERA Portal server with which they are communicating is authentic and not spoofed. If the CTERA Portal does not have a valid certificate installed, CTERA appliances and CTERA Agents will not be able to connect to it. This document describes the necessary steps for installing a certificate on the CTERA Portal: 1 View the CTERA Portal's DNS Suffix (page 3) 2 Obtain an SSL Certificate (page 5) 3 Generate a Certificate Signing Request for Your Domain (page 7) 4 Sign the Certificate Request (page 11) 5 Validate and Prepare Certificates for Upload (page 13) 6 Install the Signed Certificate on CTERA Portal (page 15) CTERA Portal Datacenter Edition Installing a Security Certificate on the CTERA Portal 2

2 View the CTERA Portal's DNS Suffix 1 Log in to the CTERA Portal. 2 In the status bar, in the Portal drop-down list, select Administration. The Global Administration View appears displaying the Main > Dashboard page. 3 In the navigation pane, click Settings > Global Settings. CTERA Portal Datacenter Edition Installing a Security Certificate on the CTERA Portal 3

2 View the CTERA Portal's DNS Suffix The Settings > Global Settings page appears. The DNS Suffix field displays the CTERA Portal's DNS suffix. Tip This document assumes that your CTERA Portal uses the following DNS suffix: ctera.com 4 CTERA Portal Datacenter Edition Installing a Security Certificate on the CTERA Portal

3 Obtain an SSL Certificate It is necessary to obtain a valid certificate signed either by a well-known certificate authority, or by your own internal certificate authority. Tip If you intend to generate a signed certificate using your own internal certificate authority, please contact CTERA Support at http://www.ctera.com/support beforehand. The SSL certificate can be either of the following: A wildcard certificate A wildcard SSL certificate secures your website's URL and an unlimited number of its subdomains. For example, a single wildcard certificate for *.ctera.com can secure both company01.ctera.com and company02.ctera.com. A wildcard certificate is mandatory, if you plan for your service to consist of more than one virtual portal. A domain certificate A domain certificate secures a single domain or subdomain only. For example: company01.ctera.com. CTERA Portal Datacenter Edition Installing a Security Certificate on the CTERA Portal 5

3 Obtain an SSL Certificate This option is relevant if you are planning to provision a single virtual portal only. Tip To obtain a self-signed certificate for testing and evaluation purposes only, contact CTERA Support at http://www.ctera.com/support and specify your CTERA Portal's DNS suffix (which you viewed in View the CTERA Portal's DNS Suffix (page 3)). CTERA will generate a self-signed certificate for your DNS suffix and provide you with a ZIP file that you can upload to your CTERA Portal environment. Tip The CTERA Portal also supports certificates with Subject Alternative Names (SAN certificates). This option enables you to secure multiple domain names with a single certificate. 6 CTERA Portal Datacenter Edition Installing a Security Certificate on the CTERA Portal

4 Generate a Certificate Signing Request for Your Domain Once you have obtained your DNS suffix, you need to generate a certificate signing request (CSR) for your domain using CTERA Portal. This requires a CTERA Portal Administrator account. 1 Log in to the CTERA Portal using your Administrator account. 2 In the status bar, in the Portal drop-down list, select Administration. The Global Administration View appears displaying the Main > Dashboard page. 3 In the navigation pane, click Settings > SSL Certificate. The Settings > SSL Certificate page appears. 4 Click Request Certificate. CTERA Portal Datacenter Edition Installing a Security Certificate on the CTERA Portal 7

4 Generate a Certificate Signing Request for Your Domain The Create a Certificate Request Wizard opens. In the Domain Name field, type the domain name for which you would like to request a certificate. The value entered must match the type of certificate you chose to use. For example, if you chose a wildcard certificate, the domain name might be *.acme.com. 8 CTERA Portal Datacenter Edition Installing a Security Certificate on the CTERA Portal

Generate a Certificate Signing Request for Your Domain 4 In contrast, if you chose a domain certificate, the domain name might be company01.acme.com, where company01 is the name of your virtual portal. 5 Complete the rest of the fields. These fields are optional. 6 Click Generate. A keypair is generated and stored on the portal. The Download a certificate request screen appears. 7 Click Download. The certificate request file certificate.req is downloaded to your computer. CTERA Portal Datacenter Edition Installing a Security Certificate on the CTERA Portal 9

4 Generate a Certificate Signing Request for Your Domain The Settings > SSL Certificate page's Certificate Request area indicates that the certificate request is pending. If you issued a wildcard certificate request, the area appears as follows: If you issued a domain certificate request, the area appears as follows: Warning When you generated the CSR, a private.key file was registered in the CTERA Portal. If you now generate a new CSR, it will override the existing private.key file, and signing the old CSR will result in an error message indicating that the CSR does not match the private.key file. Therefore, do not generate a new CSR before installing the signed certificate. 10 CTERA Portal Datacenter Edition Installing a Security Certificate on the CTERA Portal

5 Sign the Certificate Request 1 Send the certificate.req file you generated to your certificate authority for signing. If the request is successful, the certificate authority will send back an identity certificate that is digitally signed with the certificate authority's private key. Tip The certificate authority should return a base-64 encoded identity certificate. 2 Open the identity certificate and verify that the Issued to field includes the DNS suffix you provided upon creating the certificate request. 3 Build a certification chain from your identity certificate to your trusted root certificate. In order to do this, you will need to obtain all of the intermediate certificates, as well as your root certificate authority's self-signed certificate. If you are using a well-known certificate authority, the intermediate certificates and the root certificate authority's self-signed certificate can be downloaded from your certificate authority website. If you are using your own internal certificate authority, contact the necessary entity to provide you with the required intermediate and self-signed certificate. CTERA Portal Datacenter Edition Installing a Security Certificate on the CTERA Portal 11

5 Sign the Certificate Request In the above example, the certificate was issued by "Go Daddy Secure Certification Authority" to "*.ctera.com". In order to build the certification chain, it is necessary to obtain a certificate issued to "Go Daddy Secure Certification Authority". This certificate was issued by "Go Daddy Class 2 Certification Authority" to " Go Daddy Secure Certification Authority". In order to continue the certification chain, it is necessary to obtain a certificate issued to "Go Daddy Class 2 Certification Authority". Since this last certificate is a self-signed certificate, (that is, it was issued to and by the same entity), the certification chain is complete. 12 CTERA Portal Datacenter Edition Installing a Security Certificate on the CTERA Portal

6 Validate and Prepare Certificates for Upload 1 Verify that none of the certificates in the certificate chain are corrupted or using invalid encoding. To do so, open each certificate in a program such as Notepad or Word, and verify that it contains the following: -------- BEGIN CERTIFICATE ------- CERTIFICATE CONTENT -------- END CERTIFICATE ------- For example: 2 Change the identity certificate issued to "*.ctera.com" to certificate.crt. 3 Change the file extension of the other certificates in the certificate chain to "crt". For example, certificate-name.crt. CTERA Portal Datacenter Edition Installing a Security Certificate on the CTERA Portal 13

6 Validate and Prepare Certificates for Upload 4 Archive all of the certificates (the identity certificate, the intermediary certificates, and the root self-signed certificate) in a ZIP file called certificate.zip. For example: 14 CTERA Portal Datacenter Edition Installing a Security Certificate on the CTERA Portal

7 Install the Signed Certificate on CTERA Portal 1 Log in to the CTERA Portal using your Administrator account. 2 In the status bar, in the Portal drop-down list, select Administration. The Global Administration View appears displaying the Main > Dashboard page. 3 In the navigation pane, click Settings > SSL Certificate. 4 Click Install Signed Certificate. The Upload Certificate Wizard opens. 5 Click Upload and browse to the certificate.zip file you created. The certificate is installed on the CTERA Portal. 6 Click Finish. 7 Update the certificate on the Web server, by opening an SSH session to all of the servers in your CTERA Portal deployment and running the following command: ctera-portal-manage.sh restart CTERA Portal services are restarted. CTERA Portal Datacenter Edition Installing a Security Certificate on the CTERA Portal 15

7 Install the Signed Certificate on CTERA Portal 8 Verify that the certificate updated successfully, by browsing to your CTERA Portal. You should receive no security exception messages. 16 CTERA Portal Datacenter Edition Installing a Security Certificate on the CTERA Portal

2026 © DocPlayer.net Privacy Policy | Terms of Service | Feedback  | Do Not Sell My Personal Information