beautypg.com

5 ssl certificates – Acronis Backup for Windows Server Essentials - User Guide User Manual

Page 348

background image

348

Copyright © Acronis International GmbH, 2002-2014

Linux

Specify the port in the /etc/Acronis/Policies/Agent.config file. Restart the acronis_agent daemon.

Configuring the port in a bootable environment

While creating Acronis bootable media, you have the option to pre-configure the network port that
will be used by the Acronis Backup Bootable Agent. The choice is available between:

The default port (9876)

The currently used port

New port (enter the port number)

If a port has not been pre-configured, the agent uses the default port number.

15.1.3.5 SSL certificates

Acronis Backup components use Secure Sockets Layer (SSL) certificates for secure authentication.

SSL certificates for the components can be one of the two types:

Self-signed certificates, such as certificates automatically generated during the installation of an
Acronis component.

Non-self-signed certificates, such as certificates issued by a third-party Certificate Authority
(CA)—for example, by a public CA such as VeriSign

®

or Thawte™—or by your organization's CA.

Certificate path

All Acronis components installed on a machine, when acting as a server application, use an SSL
certificate called the server certificate.

In Windows, the certificate path and the server certificate's file name are specified in the registry key
HKEY_LOCAL_MACHINE\SOFTWARE\Acronis\Encryption\Server. The default path is:

For 32-bit versions of Windows: %CommonProgramFiles%\Acronis\Agent

For 64-bit versions of Windows: %CommonProgramFiles(x86)%\AcronisAgent

For self-signed certificates, the certificate thumbprint (also known as fingerprint or hash) is used for
future host identification: if a client has previously connected to a server by using a self-signed
certificate and tries to establish connection again, the server checks whether the certificate's
thumbprint is the same as the one used before.

Self-signed certificates

On machines running Windows, if the certificate location contains no server certificate, a self-signed
server certificate is automatically generated and installed during the installation of any Acronis
component except Acronis Backup Management Console.

If the machine is renamed after its self-signed certificate was generated, the certificate cannot be
used and you will need to generate a new one.

To generate a new self-signed certificate

1. Log on as a member of the Administrators group.
2. In the Start menu, click Run, and then type: cmd
3. Run the following command (note quotation marks):

When using a 32-bit version of Windows:

This manual is related to the following products:
See also other documents in the category Acronis Software: