- Notes, cautions, and warnings
- Overview
- Getting Started with ECS
- Storage Pools, VDCs, and Replication Groups
- Authentication Providers
- Namespaces
- Users and Roles
- Identity and Access Management (S3)
- Buckets
- File Access
- Introduction to file access
- ECS multi-protocol access
- Working with NFS exports in the ECS Portal
- Working with user/group mappings in the ECS Portal
- ECS NFS configuration tasks
- Mount an NFS export example
- NFS access using the ECS Management REST API
- NFS WORM (Write Once, Read Many)
- S3A support
- Geo-replication status
- Maintenance
- Certificates
- ECS Settings
- ECS Outage and Recovery
- Advanced Monitoring
- Advanced Monitoring
- View Advanced Monitoring Dashboards
- View mode
- Export CSV
- Data Access Performance - Overview
- Data Access Performance - by Namespaces
- Data Access Performance - by Nodes
- Data Access Performance - by Protocols
- Disk Bandwidth - by Nodes
- Disk Bandwidth - Overview
- Node Rebalancing
- Process Health - by Nodes
- Process Health - Overview
- Process Health - Process List by Node
- Recovery Status
- SSD Read Cache
- Tech Refresh: Data Migration
- Top Buckets
- Automatic Metering Reconstruction
- Share Advanced Monitoring Dashboards
- View Advanced Monitoring Dashboards
- Flux API
- Dashboard APIs
- Advanced Monitoring
ECS 3.5.0.1 Administration Guide
Introduction to certificates
ECS ships with an SSL certificate installed in the keystore for each node. This certificate is not trusted by applications that talk to ECS, or by the browser when users access ECS through the ECS Portal.
To prevent users from seeing an untrusted certificate error, or to allow applications to communicate with ECS, you should install a certificate signed by a trusted Certificate Authority (CA). You can generate a self-signed certificate to use until you have a CA signed certificate. The self-signed certificate is installed into the certificate store of any machines that will access ECS.
ECS uses the following types of SSL certificates:
- Management certificates
- Used for management requests using the ECS Management REST API. These HTTPS requests use port 4443.
- Object certificates
- Used for requests using the supported object protocols. These HTTPS requests use ports 9021 (S3), 9023 (Atmos), 9025 (Swift).
You can upload a self-signed certificate, a certificate signed by a CA authority, or, for an object certificate, you can request ECS to generate a certificate or you. The key/certificate pairs can be uploaded to ECS by using the ECS Management REST API on port 4443.
Please provide ratings (1-5 stars).
Please provide ratings (1-5 stars).
Please provide ratings (1-5 stars).
Please select whether the article was helpful or not.
Comments cannot contain these special characters: <>()\