Date: Fri, 29 Mar 2024 08:33:40 +0000 (UTC) Message-ID: <282509089.8472.1711701220594@support.blancco.com> Subject: Exported From Confluence MIME-Version: 1.0 Content-Type: multipart/related; boundary="----=_Part_8471_59675930.1711701220594" ------=_Part_8471_59675930.1711701220594 Content-Type: text/html; charset=UTF-8 Content-Transfer-Encoding: quoted-printable Content-Location: file:///C:/exported.html
Created Date | Updated Date | Affects version | Fix Version |
---|---|---|---|
&nbs= p; |
By default, the Blancco LUN Eraser software does not check the Blancco M= anagement Console's certificate validity when connecting using HTTPS. If ad= ditional security is needed then certificate verification can be enabled.= p>
When the certificate validity is checked then the Blancco Management Con= sole hostname must match that in the certificate and the certificate's sign= er must be trusted. If either of those two conditions are not met you will = see the below error code. In this case, the Blancco Management Console's ad= dress is 192.168.1.1.
Could not initiate secure connection to
=
192.168
.
1.1
Verify that your operating systems se=
curity certificates are up to date.
Refer to manual or support.blanc=
co.com
for
setting custom certificate location.
The verification of the certificate can be enabled in the LUN Eraser con= figuration file using the option "VerifyMCCert".= strong> Changing the value to 1 enables the verification and 0 disable= s it (default).
Enable certificate verification
VerifyMCCert =3D
"1"
In some cases, the certificate's signer is not trusted, This can happen = for example if the environment running Blancco LUN Eraser is not updated or= the Blancco Management Console certificate is self-signed. In this case, y= ou need to add the certificate signer to a list of trusted signers. This ca= n be done by either placing the certificate file to one of the default loca= tions /etc/ssl/certs and /etc/pki/tls/certs/ca-bun= dle.crt or to a custom location.
The custom certificate location can be defined using the "MCCert= Path" option within the configuration file. In the following = example, the certificates will also be checked using the path /tmp/mc_certi= ficate.
MCCertPath =3D
"/tmp/mc_certificate"