Trace: sitessl

SSL

Server Management > Security > SSL

The Secure Sockets Layer (SSL) is a commonly used protocol for managing the security of a message transmission on the Internet. SSL uses the public-and-private key encryption system from RSA, which also includes the use of a digital certificate.

The SSL menu allows you access information about the SSL certificate used for secure access to the server GUI. The server GUI certificate is also used to encrypt other services such as secure POP/IMAP, SMTP and FTPS.

  • Create Self-Signed Certificate: Create a new self-signed SSL certificate. A self-signed certificate does not require external CA signing, and as a result will trigger browser warning that the certificate is not recognized. This does not have an impact on the actual encryption but may have the undesired effect of alarming users. BlueOnyx uses a self-signed certificate by default which is automatically configured at installation.
  • Create Signing Request: Create a certificate signing request. The certificate signing request can be submitted to a Certificate Authority to create a signed certificate that web browsers can verify as authentic.
  • Manage Certificate Authorities: Add or remove secondary certificate authorities for this site. Secondary certificate authorities are usually not needed, but certain authorities issue an extra certificate to be used for client authentication in addition to the usual server certificate that most certificate authorities issue. If your certificate authority uses a “chained certificate” you will need to install the secondary certificates here.
  • Import: Import a signed certificate. Use this option to install the certificate that is supplied by your CA.
  • Export: Download the current private key and certificate, so the certificate can be transferred to another server.

Certificate Information for Server Desktop

This information is taken from the signed certificate (if any) that is installed on the server.

  • City: The city in which the organization is located or registered. It is important that this information is correct and can be verified with a local, regional, or national government or other official organization.
  • State or Province: The state, province, or region in which the above city is located. It is important that this information is correct and can be verified with a local, regional, or national government or other official organization.
  • Country: Select the country in which the organization that will use this certificate is located or registered. It is important that this information is correct and can be verified with a local, regional, or national government or other official organization.
  • Organization: The official name of the organization owning this certificate. In order to obtain a signed certificate from a certificate authority, the organization name and location must be verifiable with a local, regional, or national government or other official organization. In addition, the certificate authority must be able to verify that the person requesting the certificate is the owner or employee of the named organization.
  • Organization Unit: The division or unit of the organization that is using this certificate. This is optional, but may be useful if the person applying for a signed certificate is an employee of a subsidiary of a larger organization.
  • Contact Email: The email address to be contacted for information about this certificate.
  • Certificate Expiration Date: The date after which the certificate should no longer be considered valid by client software attempting to connect to this server.