SSL Certificates

SSL certificates are used to encrypt the connection to the REDDOXX Appliance.
This certificates may be used to establish a secured connection via https over the Webinterface, the UserGui and the REDDOXX Mobile App.

There are different types of certificates:

  • Private Certificates: private certificates are used to encrypt the connection and need to be issued for the appliance hostname or as wildcard certificate
  • Public Certificates: public certifciates are certificates from your communication partner.
    This is not used at the moment (in the future, a certificate of your communication partner can be added and set to trusted to ensure a secured connection to your communication partner, even if the certificate chain is incomplete or not trustworthy)
  • Intermediate Authorities: intermediate certificates are from the certificate issuer and required for a valid certificate chain
  • Root Authorities: root certificates from the issuer are also required for a valid certificate chain

The following steps are required to upload a certificate:

  1. Select Add
  2. Choose the certifcate type from the list.
    Intermediate and root certificates are usually public certificates in PEM Format, private certificates are usually in PFX Format with an additional password
  3. Browse for the certificate(s) and provide the password in case of single pfx certificates
  4. Confirm the changes with "Save"

Additionally, you can use Lets Encrypt to create certificates.
This requires, that the appliance can be reached via hostname on Port 80 and 443.
If this is configured on your router, click "Lets Encrypt" => "configure lets encrypt" in the private certificates section, provide the servername that can be reached from the internet and confirm with "Request certificate".

Lets Encrypt Certificates will be automatically renewed each 90 days.

Certificates can be downloaded via "Export".

The trust status can be checked with "Validate".

The uploaded SSL certificates can be used for HTTP/S Virtual Host, for TLS transmission encryption and the SMTP Connector.