When using the Storage Platform API with other applications, like cloud services, the backup service requires the use of a trusted certificate authority (CA) certificate.
This can be achieved by configuring a trusted CA certificate on an alternative port for the AccountServer and StorageServer as follows:
A. Install the CA certificate into the Trusted Root Certificate Authorities Store
-
Open Microsoft Management Console.
-
Select File, and click Add/Remove Snap-in…
-
Select the Certificates snap-in, and click Add.
-
Select Computer account, and click Next.
-
Select Local computer, and click Finish.
-
Click OK.
-
In the left pane, expand Certificates (Local Computer).
-
Choose a store to import:
-
If you have the Root CA certificate for the company that issued the certificate, choose Trusted Root Certification Authorities;
-
If you have the certificate for the server itself, choose Personal
-
-
Right-click the store, choose All Tasks and click Import.
-
Follow the wizard and provide the certificate file you have.
B. Configure the AccountServer / StorageServer
- View the certificate and copy the certificate SerialNumber.
-
Add the following two settings to your AccountServer / StorageServer settings.xml:
<AltPublicPort>9443</AltPublicPort>
<AltServerCertSerialNumber>{cert serial number}</AltServerCertSerialNumber>
-
View the certificate via your browser e.g.: https://Account_IP:9443.
-
Confirm that the serial numbers match.
Note: The Console and Agents trust only the Redstor root certification and will not function over the alternative port.
Comments
0 comments
Please sign in to leave a comment.