Welcome

Dell Sites

Dell Technologies
Premier Sign In
Partner Program Sign In
Dell Financial Services
Support

Dell Sites

Dell Technologies
Premier Sign In
Partner Program Sign In
Dell Financial Services
Support

My Account
Order Status
Profile Settings
My Products
Make a Payment
Dell Rewards Balance

Sign Out

Welcome to Dell

My Account

Place orders quickly and easily
View orders and track your shipping status
Enjoy members-only rewards and discounts
Create and access a list of your products

US/EN

Cart

Your Dell.com Carts

Products
Solutions
Services
Contact Us

Support Home
Product Support
Manuals

PowerProtect Data Manager 19.17 for Cyber Recovery User Guide

Notes, cautions, and warnings
Preface
Introduction
Getting Started
Configuring and Managing Storage and Applications
Configuring and Managing Multiple Network Links for CyberSense
Configuring and Managing Policies and Copies
Managing Reports
Monitoring Cyber Recovery Components
Performing a PowerProtect Data Manager Recovery with Cyber Recovery
Administration
Troubleshooting

PDF

Loading, Please wait

Updating the TLS security certificate

Update a TLS security certificate in the Cyber Recovery deployment with a custom security certificate.

Prerequisites

The Cyber Recovery software is installed, and the deployment is up and running.
You have knowledge about managing security certificates.
Your browser is set up to accept security certificates.

About this task

You can replace a TLS security certificate with your own security certificate. For example, replace the TLS security certificate with a CA-signed certificate to avoid a warning message when you access the Cyber Recovery UI. The operating system and web browser for the Cyber Recovery deployment automatically trust and authenticate this certificate.

Steps

Log in to the Cyber Recovery management host.
Generate a certificate signing request (CSR), which is required to apply for a CA-signed certificate:
1. Run the crsetup.sh --gencertrequest script.
2. At each prompt, either enter the information for your deployment or press Enter to omit the information and go to the next prompt.
  
  NOTE:You have the option to omit the IP address and URI in the certificate. As a result, the resulting script does not expose the IP address or the URI.
3. When prompted, confirm the information that you provided.
4. Enter the lockbox passphrase.
The script lists the DNS name of the Cyber Recovery management host , which is essential for the certificate. The script also lists the IP address and URI if you chose to enter them in step 2b.

NOTE:You must use these exact values when you submit the CSR to the CA.

The crsetup.sh script generates a certificate signing request file: CRSERVICE.csr.
Submit the CRSERVICE.csr file to the CA to apply for a CA-signed certificate.
NOTE:
- Ensure that you submit the exact information from the previous step to the CA.
- The Cyber Recovery software uses the name CRSERVICE by default to generate the certificate. However, you can use any meaningful file name for your deployment.
The CA returns a <certificatename>.crt file.
Add the CA-signed certificate to the Cyber Recovery deployment:
1. Copy the <certificatename>.crt file (returned by the CA) into any directory on the Cyber Recovery management host.
2. Run the crsetup.sh --addcustcert script.
  The script stops the Docker container services.
3. At the prompt, enter the full path where the <certificatename>.crt files is located.
  For example:
```
/opt/dellemc/cr/bin/<certificatename>.crt
```
4. Enter the lockbox passphrase.
  
  The script displays an informational message that indicates that the signed certificate has been added successfully, and then restarts the Docker container services.
  
  NOTE:The Cyber Recovery software validates the certificate and key files and verifies the information from the CSR (as described in step 2). It also validates the certificate start date, which must be current, and the certificate duration, which must exceed one year.
The script starts the Docker container services whether the addition of the certificate succeeds or fails.

Data is not available for the Topic

Rate this content

All fields are required unless marked otherwise.

Accurate

not accurate

somewhat accurate

mostly accurate

accurate

very accurate

Useful

not useful

somewhat useful

mostly useful

useful

very useful

Easy to understand

not easy

somewhat easy

mostly easy

easy

very-easy

Was this article helpful?

Yes

Send us feedback (Optional)

0/3000 characters

Comments cannot contain these special characters: <>()\

Sorry, our feedback system is currently down. Please try again later.

Thank you for your feedback.

Please provide ratings (1-5 stars).

Please select whether the article was helpful or not.

Comments cannot contain these special characters: <>()\

US/EN

Site Map

Account

My Account
Order Status
Profile Settings
My Products
Make a Payment
Dell Rewards Balance

Support

Support Home
Contact Technical Support
Returns

Connect with Us

Community
Contact Us
X (Twitter)
LinkedIn
Instagram
YouTube

Site Map

US/EN

Our Offerings

Artificial Intelligence
Products
Solutions
Services
Deals

Our Company

Who We Are
Careers
Dell Technologies Capital
Investors
Newsroom
Recycling
Corporate Impact
Customer Stories

Our Partners

Find a Partner
Find a Reseller
OEM Solutions
Partner Program

Resources

Blog
Dell Rewards
Events
Email Sign-Up
Specialty Product Collections
Privacy Center
Security & Trust Center
Trial Software Downloads

Dell Technologies
Dell Premier for Business
Dell Financial Services

Terms of Sale
Privacy Statement
Do Not Sell or Share My Personal Information
Cookies, Ads & Emails
Legal & Regulatory
Accessibility
Anti-Slavery, Human Trafficking & Child Labor