SSL Certificates

SSL certificates serve the connection encryption of the REDDOXX Appliance.
The certificates can be used for the secured connection via HTTPS via the web interface, the UserGui and the REDDOXX Mobile App.

A distinction is made between the following certificates:

Private certificates are used for connection encryption and must be issued for the host names of the appliance to be used or as wildcard certificates.

Public certificates are certificates of the remote peers, these are used in the rules of the External Domain Policies.

Intermediate certificates are certificates of the issuer of the certificates and are necessary for a valid certificate chain.

Root certificates of the issuer of the certificates are also required for a valid certificate chain.

The following steps are necessary to transfer a certificate into the REDDOXX Appliance:

  1. Click on Add
  2. Select the format of the certificate you want to upload from the options.
    Intermediate and root certificates are usually public certificates in PEM format, private certificates are usually in PFX format with an additional password.
  3. Browse for the corresponding certificate(s) and enter the password for single PFX certificates.
  4. Accept the information with Save

Certificates can be downloaded via "Export".

The trust status of a certificate can be checked via "Validate".

The uploaded SSL certificates can be used for HTTP/S Virtual Host, for TLS transmission encryption and the SMTP Connector.

Lets Encrypt can also be used to create certificates. To do this, the appliance must be accessible via port 80 and 443 under the host name to be used.

1, Click on Lets Encrypt in the Private TLS Certificates area.

  1. Enter an email address so that information from LetsEncrypt (e.g. the expiry of a certificate) can be sent to you and confirm with Create.
  2. Then click on "Request a new certificate" and enter the server name (which can be reached and resolved from the Internet) and any alias addresses for which you need a certificate.
  3. Confirm with "Request Certificate"
  4. Complete the setup with Close

Lets Encrypt certificates are automatically renewed after 90 days.

If the REDDOXX Appliance should not be permanently accessible via HTTP / HTTPs, the Lets Encrypt certificates can also be updated manually.
For this purpose, the connection to the appliance must only be enabled externally for a short time.

The following steps are necessary to manually update the lets Encrypt certificates.

  1. Make sure that the appliance can be reached via HTTP / HTTPs.
  2. Click on Let's Encrypt
  3. Right-click => Renew to select the certificate to be updated.
  4. Carry out step 4 for further certificates if necessary.
  5. End the process with Close