What is SSL certificate
SSL Certificate is a small data file that digitally binds a cryptographic key to an organization’s details. When installed on a web server, it activates the padlock and the https protocol and allows secure connections from a web server to a browser. Typically, SSL is used to secure credit card transactions, data transfer and logins.
Related documentation:
- SSL Certificates for Web in Sippy 2020 and below
- Manual generation and installation of SSL Certificate
Prerequisites
- Proper DNS A-record pointed to IP address of environment.
- Open access to 80 TCP port. This is required by CA to issue and renew the certificates.
How to add a new certificate using LetsEncrypt CA
- The service is provided by https://letsencrypt.org/ certificate authority (CA).
1. Create DNS A-record
Add DNS A-record for one of the IP addresses, assigned to the environment and check if it is available from Internet - this should be done in DNS management self-care panel of the DNS provider.
2. Add new record for SSL certificate
2.1 Open System Management - System Parameters - SSL Certificates, click Add button.
2.2 Set in Common Name the DNS A-record generated above and choose Type = Issued by LetsEncrypt.org
3. Set Web Address parameter to the DNS A-record
Open System Management - System Parameters - Web Interface, Security, select SSL Certificate created above and set Web Address that matches DNS A-record created before.
4. Wait for 5 minutes to allow the system to generate and install new SSL certificate.
5. Check SSL Certificate
Web server will restart, login and check the Certificate in your browser.
How to renew an existing certificate
All work related to certificates renewal is done by system itself. No special handling is required from switch operator.
How to add a new certificate using own CA
Follow documentation:
https://support.sippysoft.com/a/solutions/articles/78262