Loading a Trusted CA Certificate to a CTERA Edge Filer
  • 12 May 2022
  • 1 Minute to read
  • Dark
    Light
  • PDF

Loading a Trusted CA Certificate to a CTERA Edge Filer

  • Dark
    Light
  • PDF

When the object storage used by theCTERA Portal uses a X.509 Certificate signed by a private Certification Authority (a self-signed certificate) and not a public trusted certificate, this certificate must be uploaded to the CTERA Edge Filer. You upload the certificate using the following procedure that requires a REST client tool such as Postman or HTTPie.

To upload a self-signed certificate to the CTERA Edge Filer:

  1. Get the certificate used by the object storage.

  2. Launch the REST client.

  3. Log in to the CTERA Edge Filer with the following REST API, using HTTPS: https://edgefiler_IP/admingui/api/login with the following:
    HTTP Method – POST
    Request Content-Typeapplication/x-www-form-urlencoded
    Request Body

    • usernameusername
    • passwordpassword

    Expected Response Status200 OK and an HTTP session cookie which is then used for the duration of the session.
    The session times out after 30 minutes of inactivity. If a response such as 403 Forbidden is returned, check the user name and password provided.

    Where:
    edgefiler_IP – The IP address of the gateway.
    username – Mandatory: The name of a user with administrative rights to the gateway. This is the username set in the procedure in Initial CTERA Edge Filer Setup.
    password – Mandatory: The password for the user. The login is over HTTPS to ensure that the password is encrypted. This is the password set in the procedure in Initial CTERA Edge Filer Setup.
    Upon receiving a successful login reply, the server sets HTTP session cookies. The client must return these cookies to the server in the next request.

Note

To ensure that the session cookie returned by the API login is automatically returned in subsequent requests to the server, the same HttpClient object must be used for all future requests.

  1. Copy to your clipboard the contents of the certificate.

  2. Upload the certificate using the following REST API: http://edgefiler_IP/admingui/api/config/extStorageTrustedCA?put (edgefiler_IP is the IP address of the edge filer) with the following:
    HTTP Method – POST
    Request Content-Typeapplication/xml
    Request Body

    <obj class="ExtStorageTrustedCA">
        <att id="certificate">
             <val>
    -----BEGIN CERTIFICATE-----
    ##### Certificate Content #####
    -----END CERTIFICATE-----
            </val>
          </att>
    </obj>
    

    Expected Response status200 OK

    Where:
    edgefiler_IP – The IP address of the gateway.
    Certificate Content – The certificate content that was copied to the clipboard.


Was this article helpful?