Chat now with support
Chat with Support

KACE Systems Deployment Appliance 7.0 Common Documents - Administrator Guide

About the KACE Systems Deployment Appliance Getting started Using the Dashboard Configuring the KACE SDA Setting up user accounts and user authentication Configuring security settings Preparing for deployment Managing device inventory Using labels Creating a Windows or Linux Boot Environment Managing drivers Capturing images Capturing user states Creating scripted installations Creating a task sequence Automating deployments Performing manual deployments Managing custom deployments Imaging Mac devices About the Remote Site Appliance Importing and exporting appliance components Managing disk space Troubleshooting appliance issues Updating appliance software Glossary About us Legal notices

Generate private key for new SSL certificate

Generate private key for new SSL certificate

By default, SSL is disabled. You can generate a private key to enable SSL after you generate a new certificate. You can use a valid self-signed certificate if you have a private key or a PKCS-12 file, and the private key and certificate were generated from the same Certificate Signing Request (CSR).

Export your KACE SDA components to a different location and enable SSH in case there is an error that might require the appliance to stop the key generation.
1.
On the left navigation pane, click Settings to display the Control Panel, then click Security to display the Security Settings page.
2.
Click Enable SSL to use a new certificate or a valid self-signed SSL certificate. Note that Quest KACE does not recommend using a self-signed certificate.
Generate a new SSL certificate:
1.
Click Get New SSL Certificate to display the KACE SDA Advanced SSL Settings wizard.
2.
Fill in the fields to generate a CSR.
3.
Download the private key and save the key in a safe place to use to enable SSL when you get a valid certificate from your Certificate Signing Authority.
4.
Copy or download the generated CSR and send it to your Certificate Signing Authority.
Use a self-signed certificate:
Click Can I use a self-signed certificate instead?, then click Save and Restart Apache.

Disable SSL

Disable SSL

You can disable the secure web browser that the appliance is running on by disabling SSL (Secure Sockets Layer).

1.
On the left navigation pane, click Settings to display the Control Panel, then click Security to display the Security Settings page.
2.
Click Enabled ports: 80, 443 (change).
3.
Clear the following check boxes:
Enable port 443 (HTTPS)
Forward port 80 to port 443
4.
Click Apply Changes.

The HTTPS browser is now unavailable.

Enable database access

Enable database access

You can enable database access to allow external programs, such as Crystal Reports or Excel® to query the KACE SDA database so that you can create your own reports. By default, the appliance does not allow external connections to the database.

The account for external access to the database is username: report and password: box747.

1.
On the left navigation pane, click Settings to display the Control Panel, then click Security to display the Security Settings page.
2.
Select the Enable Database Access check box.
3.
Click Save.

You might have to reboot the appliance before external programs can query the KACE SDA database.

Enable SSH Root Login (KACE Support)

Enable SSH Root Login (KACE Support)

Enabling SSH provides remote access to the Quest KACE Support team. Quest KACE recommends enabling SSH before you begin to use the appliance. SSH remote access is the only method that the Support team can use to diagnose and fix problems if the appliance becomes unresponsive.

1.
On the left navigation pane, click Settings to display the Control Panel, then click Security to display the Security Settings page.
2.
Select the Allow SSH Root Login (KACE Support) check box.
3.
Click Save.
Related Documents