Connecting the SSL certificate

To make the server with DCImanager available via HTTPS protocol, you will need an SSL certificate. To purchase an SSL certificate, contact any certificate issuing service or issue a free Let's Encrypt certificate.

This article describes how to connect and change the SSL certificate.

Connecting a new certificate

1. Copy the certificate files to the server with DCImanager. For example, in the /root/ directory. 

   

   Note

   After connecting, the certificate files must remain in this directory with the same names. 

2. Connect to the DCImanager server via SSH.

3. Create a patch_add_ssl.yaml file with the following contents: 

   version: "3.7"
   services:
     input:
       volumes:
         - /root/dci.crt:/etc/ssl/certs/default.domain.crt
         - /root/dci.key:/etc/ssl/private/default.domain.key

   CODE
    Comments

   /root/dci.crt — the path and name of the SSL certificate

   /root/dci.key — the path and name of the SSL certificate key

   

   Note

   You don't need to change /etc/ssl/certs/default.domain.crt and /etc/ssl/private/default.domain.key — these are paths to the certificate inside the docker container

4. Run the command: 

   dci add-patch -f patch_add_ssl.yaml -p add_ssl

   CODE

5. Specify the server domain name in the DomainName parameter of the /opt/ispsystem/dci/config.json configuration file:

   Example of config.json file

   {"MysqlRootPassword":"password","LicenseToken":"token","DomainName":"example.com","CurrentVersion":"6.14.0","UpdateDate":1616262495}

   CODE

6. Stop docker containers:

   dci down

   CODE

7. Start DCImanager:

   dci start

   CODE

Certificate change

1. Replace the old certificate files with the current ones. The new files must have the same names as the old files.

2. Stop docker containers:

   dci down

   CODE

3. Start DCImanager:

   dci start

   CODE