Windows Registry Disclaimer:
Quest does not provide support for problems that arise from improper modification of the registry. The Windows registry contains information critical to your computer and applications. Make sure you back up the registry before modifying it. For more information on the Windows Registry Editor and how to back up and restore it, refer to Microsoft Article ID 256986 “Description of the Microsoft Windows registry” at Microsoft Support.
When requesting a certificate, use the regular Windows procedure for generating a certificate request. This typically involves using the Certificate Request Wizard in IIS, the Certificates MMC, or the certreq command line. These techniques are all well documented outside of this KB.
The main requirements for custom SSL Server certificate:
Install the certificate per the authority's instructions and associate it with the computer account of the server on which it's installed.
IMPORTANT: When importing the certificate it will ask for the password, if not, Rapid Recovery will use the default certificate.
To apply a third-party certificate in Rapid Recovery Core Console, complete the following steps.
To apply a third-party certificate in Rapid Recovery Agent, complete the following steps.
Note: Certificates without an exportable private key will not work and the LocalServerThumbprint will revert from the value entered in step 4
Note 1: if after installing 3rd party certificate, Core console is asking for credentials over and over, seemingly not accepting correct credentials then do the following:
- stop the Core service
- open regedit
- navigate to HKLM\system\CurrentControlSet\Services\Lanmanserver\parameters
- create DWORD value DisableStrictNameChecking and set it to1
- navigate to HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa
- create DWORD value DisableLoopbackCheck and set it to 1
- reboot the Core server
