The admin connection provides access the Admin UI and allows REST calls to be made to the Controller.
Unique Admin Hostname
The hostname to be used by admins and REST API calls. Use only fully qualified domain names or IPv4 / IPv6 address.
TLS Port
The default is port 8443.
Allow Sources
To allow a connection to this port the requesting IP address must match at least one of these Allowed Sources. By default the list contains 2 entries: address (0.0.0.0) and netmask 0 & address :: and netmask 0.
If the list is empty, no connections are allowed.
If an entry contains address, netmask and interface, then both subnet and interface must match.
If an entry only contains address and netmask, then only subnet needs to match.
If an entry only contains interface, then only the interface must match.
Example:
Address | (OPTIONAL: IPv4 or IPv6 address of host or subnet to allow) |
Netmask Length | (OPTIONAL: Netmask, set to 32 (IPv4) or 128 (IPv6) for single host) |
Interface | (OPTIONAL: ethX, only allow connections through this interface) |
TLS Ciphers
TLS Ciphers to allow on the Admin Interface. Use the default ciphers unless your browsers require some other specific cipher to be used. Admin/API access is via the Unique Admin Hostname. This uses the self-signed root certificate which means there will be an 'unsafe' warning shown (the browser does not trust the certificate). To avoid the admin having to approve this certificate, an externally signed certificate can be used. This requires a PKCS#12 file containing a certificate (for the Unique Admin Hostname) signed by a trusted CA and the private key is required to terminate the admin/API HTTPS connection.
HTTPS Certificate - PKCS #12
Allows you to upload a PKCS #12 file which includes a CA signed certificate to remove the untrusted browser warning associated with the self-signed certificate used by the system.
File
Select the PKCS #12 file to upload.
Password
The password for the PKCS #12 file.There is more information available about removing the browser security warning.