Skip to content

Certificate

About

Certificates are used for SSL Offloading on vServices and to access the TR7 web interface. Certificates can be added either manually,ACME.SH or through PFX files via this menu. Unlimited number of certificates can be loaded onto the TR7 ASP device as long as there is sufficient disk capacity. There is no need for an additional license related to the certificate limit.

How to Add?

To add a new Certificate, follow the steps "Certificate > Certificate > Add" on the TR7 ASP web interface.

Interface

Certificate Listing Screen

By following "Certificate > Certificate" you can access a list of all Certificates on the TR7 ASP device. On this screen, you can add, edit and delete Certificates.

LOGO

Certificate Listing Form

- 1 (Information to be Displayed in the Table)

Select which information to display in the table listing the Certificates.
The selectable and default information includes;

  • Certificate Name
  • CN
  • Valid Until
  • Cert. Algorithm
  • Details
  • Issuer Or.
  • Valid From
  • DNS
  • Key Length
  • Download

- 2 (Add)

Click the Add button to open a form for creating a new Certificate.

- 3 (Delete)

One or more Certificates can be selected and deleted by clicking the Delete button.

- 4 (Edit)

Select a Certificate from the list and click the Edit button to modify information such as the certificate's name and content.

- 5 (Search)

Used to search for all expressions in the table.

- 6 (RegExp Search)

Used to regexp search for all expressions in the table.

- 7 (Column Based Search)

Used to column based search for all expressions in the table.

- 8 (Download)

If the Download Later option was marked when adding the Certificate, the Download button becomes active, and the relevant Certificate can be downloaded. When the Download button is clicked, a dropdown window appears as shown below.

LOGO

- 9 (Page Information)

Information about how many Certificates are listed and how many are in the opened list. When Certificates are selected on the left side for deletion, the information about the selected Certificate is also displayed here.

- 10 (Page Size)

Select how many Certificates will be listed in the opened list. You can switch between pages using arrow symbols.

- Preview of the Selected Certificate

After following "Certificate > Certificate" clicking on any Certificate opens a window on the right side of the screen with information about the relevant Certificate.

LOGO

In this window, if the Allow Download option was marked when adding the Certificate, the Download Certificate button becomes active, and the relevant Certificate can be downloaded. All details related to the selected Certificate are listed in this window.

Additionally, this window provides information about "Used In", showing where the selected certificate is being used in various vServices.

The preview can be closed by clicking the (x) button at the top right of the opened window.

Interface

Certificate Adding Screen

To add a new Certificate, follow "Certificate > Certificate > Add" on the TR7 ASP web interface.

LOGO

Certificate Adding Form

- Certificate Name

Enter a name for the new Certificate.

- Type

Select the type of the certificate to be added to the TR7 ASP. Certificates can be added in Manual, PFX, ACME.SH formats.

When Manual is selected, the key and certificate content can be pasted.

LOGO

It can be loaded by selecting PFX and selecting the file with .pfx extension.

LOGO

When ACME.SH is selected you can use various Acme.sh servers to create certificate.

LOGO

- Acme.sh Server

Choose Acme.sh server that you want to use.

- Acme.sh Mail Register Address

You can specify e-mail address to create certificate. This will allow you to take notifications from acme.sh servers. It is not mandatory to give e-mail address. In this case TR7 will create automatic e-mail for you and handle all the things in the background.

- Domain and vService

Here you should choose which domain names and vServices you use to create certificate. More than 1 is possible with the + button.

- Acme.sh Key Length

The Key Length refers to the size of the cryptographic key used in the SSL/TLS certificate. This is an important security parameter: a longer key generally means stronger encryption but may also require more processing power.

- Acme.sh automatic renewal

You can set a period for automatic renewal before your certicate validity ends.

- Network Source For Request

You can choose your requst source for TR7 to get the Acme.sh certificate.

LOGO

- Certificate Content

Paste the certificate content.

- Key Content

Paste the key content.

- Intermediate Cert. Content

If you want to add an Intermediate Certificate to the added certificate, you can make a profile-based selection or add it manually by selecting Without Profile. For profile-based Intermediate and Root Certificate details, click.

- Root Cert. Content

If you want to add a Root Certificate to the added certificate, you can make a profile-based selection or add it manually by selecting Without Profile. For profile-based Root and Intermediate Certificate details, click.

- Password

If the key content of the loaded certificate is encrypted, enter the relevant password. Leave it blank if the key content is not encrypted.

- Allow Download

If checked, the loaded certificate can be downloaded as a .pfx file from the TR7 web interface. If unchecked, the loaded certificate cannot be downloaded. By default, this option is not selected.

- Add

Click the Add button to add the Certificate.

Interface

Usage Places

- vServices

Step > 1

First, navigate through "Settings Mode > vServices" on the TR7 web interface.

Step > 2

On the resulting screen, right-click the vService to which the Certificate will be added and select Edit or click on the relevant vService and follow "Actions > Edit" from the pane that opens on the right to reach the same window.

Step > 3

In the vService's editing screen, a certificate selection can be made once any IP:Port is set to SSL Termination or HTTP/2.0. After making the relevant selection, choose from the Certificates uploaded on the TR7 ASP device under the Certificate tab.

LOGO

LOGO

LOGO

In the vServices multiple certificate selection is possible. The correct certificate is chosen by the TR7 ASP based on the Host header information in the incoming request, and SSL Offloading is performed using the selected certificate.

Step > 4

Click the Save button to save the changes and wait for the reconfiguration of the vService.


- Accessing the TR7 Web Interface via HTTPS

Step > 1

First, navigate through "Settings Mode > Settings > Device Management > Access" on the TR7 web interface.

Step > 2

On the resulting screen, click the Edit button. By default, the TR7 web interface can be accessed via port 80 (HTTP) and port 443 (HTTPS). For HTTPS access, there is a default embedded certificate. Certificates added in the "Certificate > Certificate" step can be selected from this screen for completely secure access to the TR7 web interface. Click here for detailed information about access settings click here.

LOGO

LOGO

Step > 3

Click the Edit button to save the changes made.