To make the server with DCImanager available via HTTPS protocol, you will need an SSL certificate. To purchase an SSL certificate, contact any certificate issuing service or issue a free Let's Encrypt certificate.

This article describes how to connect and change the SSL certificate.

Connecting a new certificate


  1. Copy the certificate files to the server with DCImanager. For example, in the /root/ directory. 

    Note

    After connecting, the certificate files must remain in this directory with the same names. 

  2. Connect to the DCImanager server via SSH.
  3. Create a patch_add_ssl.yaml file with the following contents: 

    version: "3.7"
    services:
      input:
        volumes:
          - /root/dci.crt:/etc/ssl/certs/default.domain.crt
          - /root/dci.key:/etc/ssl/private/default.domain.key
    CODE

    /root/dci.crt — the path and name of the SSL certificate

    /root/dci.key — the path and name of the SSL certificate key

    Note

    You don't need to change /etc/ssl/certs/default.domain.crt and /etc/ssl/private/default.domain.key — these are paths to the certificate inside the docker container

  4. Run the command: 

    dci add-patch -f patch_add_ssl.yaml -p add_ssl
    CODE
  5. Specify the server domain name in the DomainName parameter of the /opt/ispsystem/dci/config.json configuration file:

    Example of config.json file

    {"MysqlRootPassword":"password","LicenseToken":"token","DomainName":"example.com","CurrentVersion":"6.14.0","UpdateDate":1616262495}
    CODE
  6. Stop docker containers:

    dci down
    CODE
  7. Start DCImanager:

    dci start
    CODE

Certificate change


  1. Replace the old certificate files with the current ones. The new files must have the same names as the old files.
  2. Stop docker containers:

    dci down
    CODE
  3. Start DCImanager:

    dci start
    CODE