Replacing the Copy Services Manager server certificates

Edit online

The server gets installed with a default set of self signed certificates. You can change the default certificates that are supplied by Copy Services Manager. The current recommended format for uploading certificates into the Copy Services Manager server is the p12 format.

Note: By default, thirty days prior to the certificate expiring, a message will be posted to the console and an alert sent, indicating the certificates are about to expire. This will be done once a day until the certificate expires or is replaced.

The following interfaces on the Copy Services Manager server use certificates in order to create a secure TLS connection.

  1. Copy Services Manager GUI - this includes all browser based communication as well as REST API communication. Default port is 9559.
  2. Copy Services Manager CLI - this includes all Java based connections to the server from local or remote Command line interfaces. Default port is 9560.
  3. Copy Services Manager Active/Standby connections - this is the communication between any active and standby servers. Default port is 9561.

The following pages provide instructions on how to modify these certificates or replace the certificates with custom or third party certificates. After installation, each of the above connections will use separate certificates, however, starting with the 6.3.15.0 release, all certificates can be replaced and managed by a single uploaded certificate for the server using the GUI interface.