Managing Server Security and Certificates

SSL Certificate Management

Viewing SSL Certificate Information

This task describes how to view detailed information about the currently installed SSL certificate. Reviewing certificate details helps verify its validity, issuer, and other security parameters.

Procedure

Step 1

From the Navigation Pane, click Settings.

Step 2

Click SSL Settings > View SSL Certificate.

The View SSL Certificate page is displayed, showing the current certificate information.

Table 1. Current Certificate Information

Name

Description

Certificate Version

The version of the SSL certificate.

Serial Number

A unique serial number assigned to the certificate.

Signature Algorithm

The algorithm used to sign the certificate.

Public Key

Details about the public key, including its length.

Issuer Common Name (CN)

The common name of the certificate issuer.

Issuer Organization (O)

The organization name of the certificate issuer.

Issuer Organization Unit (OU)

The organizational unit name of the certificate issuer.

Issuer City or Locality (L)

The city or locality of the certificate issuer.

Issuer State or Province (ST)

The state or province of the certificate issuer.

Issuer Country (C)

The country of the certificate issuer.

Issuer Email Address

The email address of the certificate issuer.

Valid From

The date and time from which the certificate is valid.

Valid Till

The date and time until which the certificate is valid.

Issued to Common Name (CN)

The common name to which the certificate is issued.

Issued to Organization (O)

The organization name to which the certificate is issued.

Issued to Organization Unit (OU)

The organizational unit name to which the certificate is issued.

Issued to City or Locality (L)

The city or locality to which the certificate is issued.

Issued to State or Province (ST)

The state or province to which the certificate is issued.

Issued to Country (C)

The country to which the certificate is issued.

Issued to Email Address

The email address to which the certificate is issued.

What to do next

Use the displayed certificate information to verify the SSL certificate's details and validity.

Generating an SSL Certificate

This task describes how to generate a new self-signed SSL certificate. Generating an SSL certificate provides secure communication for the server web interface and other services.

Procedure

Step 1

From the Navigation Pane, click Settings.

Step 2

Click SSL Settings > Generate SSL Certificate.

The Generate SSL Certificate page is displayed.

Step 3

Enter the required information for the new SSL certificate:

Table 2. SSL Certificate Generation Fields

Name

Description

Common Name (CN) field

Enter the fully qualified domain name (FQDN) or IP address of the server.

Organization (O) field

Enter the name of the organization.

Organization Unit (OU) field

Enter the name of the organizational unit.

City or Locality (L) field

Enter the city or locality.

State or Province (ST) field

Enter the state or province.

Country (C) field

Enter the two-letter country code.

Email Address field

Enter the email address for the certificate administrator.

Valid for field

Enter the number of days the certificate is valid.

Key Length drop-down list

Select the desired key length for the certificate.

Step 4

Click Generate.

The new SSL certificate is generated and installed on the server.

What to do next

Verify that the new SSL certificate is active by viewing its information.

Uploading an SSL Certificate

This task describes how to upload a new SSL certificate and its private key to the server. Uploading a custom SSL certificate allows for secure communication using a trusted certificate authority.

Before you begin

Ensure the new SSL certificate file and its corresponding private key file are available on a local system.

Procedure

Step 1

From the Navigation Pane, click Settings.

Step 2

Click SSL Settings > Upload SSL Certificate.

The Upload SSL Certificate page is displayed.

Step 3

Review the Current Certificate and Current Private Key information.

These fields display details about the currently installed certificate and private key.

Step 4

To upload a new SSL certificate, click Browse next to the New Certificate field.

A file selection dialog is displayed. Navigate to and select the new SSL certificate file (.pem, .crt, or similar) from the local system.

Step 5

To upload a new private key, click Browse next to the New Private Key field.

A file selection dialog is displayed. Navigate to and select the private key file (.key, .pem, or similar) from the local system.

Step 6

Click Upload.

The new SSL certificate and private key are uploaded and installed on the server.

What to do next

Verify that the new SSL certificate is active by viewing its information and testing secure connections to the server.

Firewall Configuration

Configuring General Firewall Settings

This task describes how to configure general firewall settings, including adding new rules, modifying existing ones, and setting options to block or flush network traffic with time-based rules. Proper firewall configuration is essential for securing the server from unauthorized network access.

Before you begin

Understand the impact of firewall rules on network connectivity and server access.

Procedure

Step 1

From the Navigation Pane, click Settings.

Step 2

Click System Firewall > General Firewall Settings.

The General Firewall Settings page is displayed.

Step 3

Perform one of the following actions:

  • To add new general firewall settings, click Add Firewall Settings.
  • To modify existing general firewall settings, click on the desired rule listed under Existing Firewall Settings.

The Add Firewall Settings page (for new rules) or the configuration page for the selected existing rule is displayed.

If no firewall settings exist, a message No Firewall Settings Exists. To add a new Firewall settings goto Add Firewall Settings page. is displayed under Existing Firewall Settings.

Step 4

Configure the general firewall settings:

Table 3. General Firewall Configuration Fields

Name

Description

Block All drop-down list

Select to block all incoming and outgoing network traffic for a specific IP version. Options include IPv4, IPv6, and Both.

Flush All check-box

Select to clear all existing firewall rules.

Timeout check-box

Select to enable a time-based duration for the firewall rule.

Start Date field

Enter the start date for the firewall rule (available when Timeout is selected).

Start Time field

Enter the start time for the firewall rule (available when Timeout is selected).

End Date field

Enter the end date for the firewall rule (available when Timeout is selected).

End Time field

Enter the end time for the firewall rule (available when Timeout is selected).

Step 5

Click Save.

The general firewall settings are applied.

What to do next

Verify that network access to the server is controlled according to the configured firewall rules.

Configuring IP Firewall Rules

This task describes how to configure IP firewall rules, which control network traffic based on IP addresses or IP address ranges. These rules enhance server security by restricting access from specified IP sources.

Before you begin

Understand the impact of IP-based firewall rules on network connectivity and server access.

Procedure

Step 1

From the Navigation Pane, click Settings.

Step 2

Click System Firewall > IP Address Firewall Rules.

The IP Address Firewall Rules page is displayed.

Step 3

Perform one of the following actions:

  • To add a new IP rule, click Add New IP Rule.
  • To modify an existing IP rule, click on the desired rule listed under Existing IP Rules.

The Add IP Rule page (for new rules) or the configuration page for the selected existing rule is displayed.

If no IP rules exist, a message No IP Rules Exists. To add a new IP Rules goto Add IP Rule page. is displayed under Existing IP Rules.

Step 4

Configure the IP firewall rule settings:

Table 4. IP Firewall Rule Configuration Fields

Name

Description

IP Single (or) Range Start field

Enter a single IP address or the starting IP address of a range.

IP Range End field

Enter the ending IP address of a range (if configuring an IP range).

Enable Timeout check-box

Select to enable a time-based duration for the firewall rule.

Start Date field

Enter the start date for the firewall rule (available when Enable Timeout is selected).

Start Time field

Enter the start time for the firewall rule (available when Enable Timeout is selected).

End Date field

Enter the end date for the firewall rule (available when Enable Timeout is selected).

End Time field

Enter the end time for the firewall rule (available when Enable Timeout is selected).

Rule drop-down list

Select the action for the IP rule.

Step 5

Click Save.

The IP firewall rule is applied.

What to do next

Verify that network access from specified IP addresses is controlled according to the configured rules.

Configuring Port Firewall Rules

This task describes how to configure port firewall rules, which control network traffic based on port numbers and protocols. These rules enhance server security by restricting access to specific services.

Before you begin

Understand the impact of port-based firewall rules on network connectivity and server services.

Procedure

Step 1

From the Navigation Pane, click Settings.

Step 2

Click System Firewall > Port Firewall Rules.

The Port Firewall Rules page is displayed.

Step 3

Perform one of the following actions:

  • To add a new port rule, click Add New Port Rule.
  • To modify an existing port rule, click on the desired rule listed under Existing Port Rules.

The Add Port Rule page (for new rules) or the configuration page for the selected existing rule is displayed.

If no port rules exist, a message No Port Rules Exists. To add a new Port Rules goto Add Port Rule page. is displayed under Existing Port Rules.

Step 4

Configure the port firewall rule settings:

Table 5. Port Firewall Rule Configuration Fields

Name

Description

Port Single (or) Range Start field

Enter a single port number or the starting port number of a range.

Port Range End field

Enter the ending port number of a range (if configuring a port range).

Protocol drop-down list

Select the network protocol for the rule.

Network Type drop-down list

Select the network type.

Enable Timeout check-box

Select to enable a time-based duration for the firewall rule.

Start Date field

Enter the start date for the firewall rule (available when Enable Timeout is selected).

Start Time field

Enter the start time for the firewall rule (available when Enable Timeout is selected).

End Date field

Enter the end date for the firewall rule (available when Enable Timeout is selected).

End Time field

Enter the end time for the firewall rule (available when Enable Timeout is selected).

Rule drop-down list

Select the action for the port rule.

Step 5

Click Save.

The port firewall rule is applied.

What to do next

Verify that network access to specific services is controlled according to the configured rules.

Secure Configuration Management

Backing Up or Restoring Key Upload

This task describes how to upload an AES key file to the server. This key is typically used for encrypting and decrypting configuration backup and restore files, ensuring the security of configuration data.

Before you begin

Ensure the AES key file for backup or restore operations is available on a local system.

Procedure

Step 1

From the Navigation Pane, click Maintenance.

Step 2

Click Backup/Restore Key upload.

The Backup/Restore Key upload page is displayed.

Step 3

In the AES Key File field, click Browse.

A file selection dialog appears.

Step 4

Navigate to and select the AES key file from the local system.

Step 5

Click Upload.

The selected AES key file is uploaded to the server.

What to do next

Proceed with backup or restore operations that require the uploaded AES key.

Restoring AES Key

This task describes how to upload an AES key file to the server for use during configuration restoration. This key ensures the secure decryption of backed-up configuration data.

Before you begin

Ensure the AES key file required for configuration restoration is available on a local system.

Procedure

Step 1

From the Navigation Pane, click Maintenance.

Step 2

Click Backup/Restore Key upload.

The Backup/Restore Key upload page is displayed.

Step 3

In the AES Key File field, click Browse.

A file selection dialog appears.

Step 4

Navigate to and select the AES key file from the local system.

Step 5

Click Upload.

The selected AES key file is uploaded to the server.

What to do next

Proceed with restoring the server configuration, which now uses the uploaded AES key for decryption.

Restoring Configuration with AES Key

This task describes how to restore a previously saved configuration to the server, especially when the backup file is encrypted and requires an AES key for decryption. Restoring a configuration applies a known good state to the server, which is useful for recovery from misconfigurations or system failures.

Before you begin

Ensure the backup configuration file is available on a local system.

Procedure

Step 1

From the Navigation Pane, click Maintenance.

Step 2

Click Restore Configuration.

The Restore Configuration page is displayed.

Step 3

If a message AES Key does not exist. Click here to upload the Restore key is displayed, perform the following substeps:

  1. Click the Click here to upload the Restore key link.

    A file selection dialog is displayed for the AES key.

  2. Navigate to and select the AES key file from the local system.

  3. Click Upload.

    The AES key file is uploaded. The page returns to the Restore Configuration view.

Step 4

In the configuration file field, click Browse.

A file selection dialog is displayed.

Step 5

Navigate to and select the backup configuration file from the local system.

Step 6

Click Restore.

The selected configuration file is uploaded and applied to the server. Server configuration settings are restored to the state saved in the backup file.

What to do next

Verify that the server is operating with the restored configuration settings.