SSL encryption
You can secure communication between ADB Control web server and clients using the HTTPS protocol, which is based on SSL encryption. To configure an access to ADB Control via HTTPS, follow the steps:
-
Open the ADB Control service configuration page in ADCM.
-
Activate the HTTPS parameters enable switcher.
-
Fill in the following fields:
-
Listening port — a port on which ADB Control UI will be available via HTTPS. The default value is
8443. -
Full ssl certificate path — a full path to the SSL certificate. For example, /opt/adcc/ssl/adcc_default.crt.
-
Full ssl key path — a full path to the SSL key. For example, /opt/adcc/ssl/adcc_default.key.
Fill in the HTTPS parametersTIP-
The adcc_default.crt and adcc_default.key files for a self-signed certificate are created by default on the host where ADB Control is deployed. They are located in the /opt/adcc/ssl folder. You can specify these files for testing purposes.
-
For production systems, you should use a trusted certificate authority (CA) to sign certificates. To create a real SSL certificate and register it with the CA, use the openssl utility.
-
-
Click Save. Then apply the Reconfigure & Restart action to the ADB Control service.
Apply changesAs a result, the following record is added to the /opt/adcc/nginx.conf configuration file on the host where ADB Control is deployed:
server { listen 8443 default_server ssl; server_name _; ssl_certificate /etc/nginx/conf.d/adcc_ssl.crt; ssl_certificate_key /etc/nginx/conf.d/adcc_ssl.key; ssl_prefer_server_ciphers on; return 302 https://10.92.18.1:8443$request_uri; }
-
After all steps are completed successfully, every attempt to connect to ADB Control via http://<ADB Control IP address>:81 will be automatically redirected to https://<ADB Control IP address>:8443. Due to using a self-signed certificate, the Not secure message will be shown in a web browser.
