Configuring Secure Connections
For security, the everRun system allows only HTTPS connections, by default. If you want to allow HTTP connections, you can configure secure connections.
When you activate or deactivate the check box next to Enable HTTPS Only / Disable HTTP in the procedure below and click Save, the system automatically logs you out of the everRun Availability Console and you must log in again,
When HTTPS connections are enabled, you can use a script to install a custom certificate on the host machine. See To install a custom certificate.
To enable HTTP and HTTPS connections
- Click Preferences in the left-hand navigation panel, to open the Preferences page.
- Under Administrative Tools, click Secure Connection.
- Deactivate the check box next to Enable HTTPS Only / Disable HTTP.
-
Click Save.
The system automatically logs you out of the everRun Availability Console and redirects the browser to the HTTPS login page. To access the HTTP login page, you manually replace https with http in the browser's address bar, and then you can log in.
If the system allows HTTP and HTTPS connections and you want to allow only HTTPS connections, you need to activate the check box.
To enable only HTTPS connections
- Click Preferences in the left-hand navigation panel, to open the Preferences page.
- Under Administrative Tools, click Secure Connection.
- Activate the check box next to Enable HTTPS Only / Disable HTTP.
-
Click Save.
The system automatically logs you out of the everRun Availability Console, redirects the browser to the HTTPS login page, and you must log in again.
To install a custom certificate
To install a custom certificate, use the certificate_installer script. Using this script, you can install a custom SSL certificate, recover a previously used or build-in certificate, and display information about a certificate currently in use or previously used, as follows:
-
Install a custom certificate (non HTTPS-only mode):
- Copy a certificate to the /tmp folder of the host machine.
-
Issue the following command:
certificate_installer install -c /tmp/server.crt -k /tmp/server.key
-
Install a custom certificate (HTTPS-only mode):
- Copy a certificate to the /tmp folder of the host machine.
-
Issue the following command:
certificate_installer install -c /tmp/server.crt -k /tmp/server.key ‑f
-
Recover the custom certificate to the previously used one:
certificate_installer recover -p
-
Recover the custom certificate to the built-in one:
certificate_installer recover -b
-
List information about the currently used certificate:
certificate_installer list -c
-
List information about the previously used certificate:
certificate_installer list -p
If you want more information about installing a custom certificate, access the Knowledge Base to search for the article Adding Certificates to ca-bundle.crt in everRun (KB0013477). See Accessing Knowledge Base Articles.
The certificate_installer script
Usage
certificate_installer [command command_options] [script_options]
Commands and Command Options
| install command_options |
Installs the custom certificate. Command options are:
|
| recover command_options |
Recovers the custom certificate. Command options are:
|
| list command_options |
Lists the custom certificate(s). Command options are:
|
Script Options
| -v, --[no_]verbose | In verbose mode, the script displays all information. |
| -l, --log=log_file | Prints logs to the file log_file instead of to STDOUT. |