Updating SSL Certificates in Aspera Web Applications

shutterstock_1202221816
Aspera / IBM

Updating SSL Certificates in Aspera Web Applications

IBM Aspera offers several web applications as part of their portfolio:

  • Aspera Shares and Aspera Faspex provides end-users with an easy-to-use web interface for high-speed data transfer.
  • Aspera Console provides a centralized administrative interface for monitoring, reporting, transfer initiation, and management of Aspera transfer servers.
  • Aspera Orchestrator allows web-based design and execution of file-based workflows.

An important part of securing these web applications is to install an SSL/TLS Certificate that has been signed by a trusted Certificate Authority (CA).

This article will describe how to update your Aspera web apps with these signed certificates.

Aspera Shares

Aspera Shares is bundled with nginx as the front-end web server. The certificate and key files live in the /opt/aspera/shares/etc/nginx directory.

  1. Copy your new private key to cert.key
  2. Copy your new certificate to cert.pem
  3. [Optional] Append any root/intermediate certificates provided by your CA to the end of cert.pem.
  4. Restart the Aspera Shares nginx service by running /opt/aspera/shares/sbin/sv restart nginx.

Aspera Faspex, Console, Orchestrator

Faspex, Console, and Orchestrator are all bundled with Apache as the front-end web server. In addition, these products include a command line utility, asctl, which is used for many administrative tasks including updating the SSL certificate.

  1. Run asctl apache:install_ssl_cert <cert file> <key file> <intermediate cert file>
  2. This command will move all of the files into place and prompt you to restart the appropriate services.

Leave your thought here

Your email address will not be published. Required fields are marked *