58130: Acronis Cyber Backup 12.5 and 12: Enabling SSL-Secured Connection to Backup Console

use Google Translate

Last update: 03-09-2020

Acronis Cyber Backup 12.5

Starting with Update 2 (build 8610), both the HTTP and the HTTPS protocols are supported on the same TCP port, which can be configured during the management server installation. The default port is 9877.

You can configure the management server to prohibit accessing the backup console via HTTP and to use a third-party SSL certificate.

Acronis Backup 12

By default, Acronis Backup 12 (on-premises deployment) uses HTTP connection to the Backup console. Do the following to enable SSL-secured connection (HTTPS):

  1. Open %ProgramData%\Acronis\WebServer\config.xml (Windows) or /var/lib/Acronis/WebServer/config.xml (Linux).
  2. In the ssl tag, change the value of the enabled attribute to "1":
  3. You can also specify path to your own SSL certificate in the cert_path attribute.

If you use self-signed certificate

In the case you have certificate that is self-signed, you need to install it into the Trusted Root Certificate Authorities Store.

Install a Self-Signed SSL certificate into the Trusted Root Certificate Authorities Store
 

  1. Open Microsoft Management Console: Start -> in Search, type mmc.exe and press Enter.
  2. Click File, and then click Add/Remove Snap-in.
  3. Select Certificates and click Add.
  4. Select Computer account and click Next.
  5. Select Local computer and click Finish.
  6. In the left pane, expand Certificates (Local Computer).
  7. Expand the Personal node and click Certificates.
  8. Right-click the newly created certificate, select All Tasks, and click Export.
  9. The Certificate Export Wizard opens. Click Next.
  10. Select No, do not export the private key and click Next.
  11. Select DER encoded binary and click Next.
  12. Specify a file name with .CER extension, and click Next.
  13. Click Next, and then click Finish.

Deploy the Self-Signed certificate using Group Policy Objects.

  1. Open Microsoft Management Console: Start -> in Search, type mmc.exe and press Enter.
  2. Select a GPO that affects all computers that use Acronis Cyber Backup.
  3. Right-click the GPO and click Edit.
  4. Navigate to Computer Configuration -> Policies -> Windows Settings -> Security Settings -> Public Key Policies.
  5. Right-click Trusted Root Certification Authorities and click Import.
  6. The Certificate Import Wizard opens. Click Next.
  7. Click Browse to select the file that was previously exported. Click Open, and then click Next.
  8. Ensure that Certificate is placed in the Trusted Root Certification Authorities store is selected and click Next.
  9. Click Finish.