Loading a Trusted CA Certificate to CTERA Edge Filer

When the object storage used by the CTERA Portal uses a X.509 Certificate signed by a private Certification Authority (a self-signed certificate) and not a public trusted certificate, this certificate must be uploaded to the CTERA Edge Filer. You upload the certificate using the following procedure that requires a REST client tool such as Postman or HTTPie.

To upload a self-signed certificate to the CTERA Edge Filer:

1. Get the certificate used by the object storage.
2. Launch the REST client.
3. Log in to the CTERA Edge Filer with the following REST API, using HTTPS: https://*gateway_IP*/admingui/api/login with the following:
   HTTP Method - POST
   Request Content-Type - application/x-www-form-urlencoded
   Request Body Key username - username
   Request Body Key password - password
   Expected Response Status - 200 OK and an HTTP session cookie which is then used for the duration of the session. The session times out after 30 minutes of inactivity. If a response such as 403 Forbidden is returned, check the user name and password provided.
   Where:
   gateway_IP – The IP address of the gateway.
   username – Mandatory: The name of a user with administrative rights to the gateway. This is the username set when first setting up the CTERA Edge Filer in Initial CTERA Edge Filer Setup.
   password – Mandatory: The password for the user. The login is over HTTPS to ensure that the password is encrypted. This is the password set when first setting the CTERA Edge Filer in Initial CTERA Edge Filer Setup.
   Upon receiving a successful login reply, the server sets HTTP session cookies. The client must return these cookies to the server in the next request.
   Note: To ensure that the session cookie returned by the API login is automatically returned in subsequent requests to the server, the same HttpClient object must be used for all future requests.
4. Copy to your clipboard the contents of the certificate.
5. Upload the certificate using the following REST API:
   https://*gateway_IP*/admingui/api/config/extStorageTrustedCA?put with the following:
   HTTP Method - POST
   Request Content-Type - application/xml
   **Request Body -

<obj class="ExtStorageTrustedCA">
  <att id="certificate">
    <val>
        -----BEGIN CERTIFICATE-----
        ##### Certificate Content #####
        -----END CERTIFICATE-----
    </val>
  </att>
</obj>

Expected Response Status - 200 OK
Where:
gateway_IP – The IP address of the gateway.
Certificate Content – The contents of the certificate that was copied to the clipboard.