Any Storage Platform can serve the Redstor-signed security certificate as well as one or more CA-signed certificates of your choice. If a certificate has the correct host name and is located in the Windows Certificate Store, the Redstor AccountServer will automatically serve it to any browser-based connection. This means that your browser will no longer present a security warning when you open a Redstor Pro report over HTTPS.
To enable support for an additional certificate:
1. Install the CA-provided certificate that should be served into the Local Machine certificate store.
- Run "CertLM.msc".
- Import the certificate into the personal certificate store.
Note: Security best practices dictate that when the certificate is imported, the option to Allow private key to be exported should not be enabled.
2. Configure the AccountServer/StorageServer to serve the CA-provided certificate by navigating to the following address in a web browser (replacing <accountServer> with the correct address):
https://<accountServer>/api/system/settings?UseTrustedCertificates=true
After that, the server will serve any valid (non-expired) certificate from the certificate store if it matches the address that a user's browser is connecting to.
Note:
- ESE Agents will still receive the Redstor-supplied platform certificate.
- Third-party tools may or may not receive the CA-provided certificate, depending on the details of the protocol they use to connect. Most modern browsers (including on iOS & Android) will receive the CA-provided certificate.
Was this article helpful?
That’s Great!
Thank you for your feedback
Sorry! We couldn't be helpful
Thank you for your feedback
Feedback sent
We appreciate your effort and will try to fix the article