3.5. Configuring SSL/TLS

Metadefender Central Management supports accessing Web UI and REST interface via HTTPS. This feature is not allowed by default, however. To allow the feature you should modify Metadefender Central Management server configuration by following the next steps:

First create your certificate and key files in convenient directory. Let us take paths as an example /etc/mdcentralmgmt/nginx.d/your.crt and /etc/mdcentralmgmt/nginx.d/your.key for Linux and C:/Program Files/OPSWAT/Metadefender Centralmgmt/nginx/your.crt and C:/Program Files/OPSWAT/Metadefender Centralmgmt/nginx/your.key for Windows accordingly.

On Linux

  1. Create file ssl.conf in the directory /etc/mdcentralmgmt/nginx.d

  2. Enter SSL-configuration according to Nginx. To allow simple SSL one needs to add the following lines only:

    ssl on;
    ssl_certificate /etc/mdcentralmgmt/nginx.d/your.crt;
    ssl_certificate_key /etc/mdcentralmgmt/nginx.d/your.key;

  3. Service restart is required to take these changes into effect.

On Windows

  1. Create file ssl.conf in the directory <Installation Directory>/nginx.

  2. Enter SSL-configuration according to Nginx. To allow simple SSL one needs to add the following lines only

    ssl on;
    ssl_certificate "C:/Program Files/OPSWAT/Metadefender Centralmgmt/nginx/your.crt";
    ssl_certificate_key "C:/Program Files/OPSWAT/Metadefender Centralmgmt/nginx/your.key";

  3. Service restart is required to take these changes into effect.

Note that certificate and key files are to provided by the user who can store them whenever it is convenient. Please adjust the paths accordingly.

For more SSL-options please consult Nginx documentation.