HTTPS provides secure/encrypted, web-based management and configuration of VelaSync from a PC. An SSL certificate is required to be stored in VelaSync in order to establish this secure HTTPS connection.
VelaSync uses OpenSSL library with a basic user interface to create a certificate request or self-signed certificate. The certificate request must be submitted to an external Certificate Authority (CA) for the creation of a third party verifiable certificate or use an internal corporate Certificate Authority. If a Certificate Authority is not available you can use the default self-signed certificate that comes with the unit until it expires, or create your own self-signed certificate to allow the use of HTTPS. Please note that the default certificate is empty—you may need to create a new one in order to comply with your company's internal policies, or just to simplify systems management.
Out of the box, VelaSync will use the above-mentioned unique self-signed certificate, when accessed via https. This means that browsers may, on initial connection, ask you to confirm that the certificate is acceptable. This is normal and expected when using a self-signed certificate. This warning will only occur when using https, and with most browsers will only need to be viewed once.
Note: If deleted, the HTTPS certificate cannot be restored. A new certificate will need to be generated.
Note: If the IP Address or Common Name (Host Name) is changed, you may wish to regenerate the security certificate. Otherwise you may receive security warnings from your web browser each time you login.
The OpenSSL library provides the encryption algorithms used for secure HTTP (HTTPS). The OpenSSL package also provides tools and software for creating X.509 Certificate Requests, Self Signed Certificates and Private/Public Keys. For more information on OpenSSL, please see www.openssl.org.
To access VelaSync's https functionality under the Configuration > Service & System Management tab, you need to login via https. An example login address would be the following URL:
The Generate HTTPS CSR button is located under Manage Communication in the Service & System Management tab.
Click Generate HTTPS CSR to open the corresponding menu. Information on how to populate the fields can be found under The Subtab "Service & System Management".
Once the request is generated, the dialog will be updated with the CSR data. This text can be copied and delivered to the appropriate certificate authority for validation. As part of this process, a new certificate and key will be generated on the appliance. TimeKeeper must be restarted in order for the new key to be used. (Note that since VelaSync now has a new self-signed certificate, client browsers may again present the initial certificate warning after the next appliance restart.)
Once a signed certificate has been generated based on the CSR, it can be uploaded by clicking Upload HTTPS Certificate at the same Web UI location. This will initiate a file upload dialog that can be used to upload the newly generated certificate. This step will cause TimeKeeper to restart immediately in order to apply the certificate.