Difference between revisions of "Setting up a new sub-provider"
Jump to navigation
Jump to search
| Line 1: | Line 1: | ||
| − | |||
| − | |||
== Prerequisites and information == | == Prerequisites and information == | ||
=== Network === | === Network === | ||
| − | # You need a new public IPv4 IP address for a | + | # You need a new public IPv4 IP address for a sub-provider. |
| − | # The IP must be configured to route to your regify provider software appliance or | + | # The IP must be configured to route to your regify provider software appliance or load-balancer (depending on your configuration). |
## Internal routing IP address must get added in provider appliance menu. | ## Internal routing IP address must get added in provider appliance menu. | ||
| − | # A new DNS A-record must be made to route your new domain (like | + | # A new DNS A-record must be made to route your new domain (like sub-provider.company.com) to the new public IP address. |
# If your provider runs with own MTA (one setting for all provider instances), you also need a reverse DNS entry for email to make it work. | # If your provider runs with own MTA (one setting for all provider instances), you also need a reverse DNS entry for email to make it work. | ||
| Line 15: | Line 13: | ||
## You can display the signing request by choosing "Show Cert Request" in appliance menu. | ## You can display the signing request by choosing "Show Cert Request" in appliance menu. | ||
## Use the signing request to order your certificate. | ## Use the signing request to order your certificate. | ||
| − | ## If received, collect the certificate, all | + | ## If received, collect the certificate, all intermediate certificates and root certificate (only Provider < V3.4) in a text editor. |
| − | ## Import certificate using " | + | ## Import certificate using "Import Signed Cert" from appliance menu and past text editor content. |
## Check correct certificate chain here [http://www.digicert.com/help/] (maybe only possible after finished setup). | ## Check correct certificate chain here [http://www.digicert.com/help/] (maybe only possible after finished setup). | ||
== Setting up the sub-provider == | == Setting up the sub-provider == | ||
| − | Please ensure that all prerequisites are | + | Please ensure that all prerequisites are fulfilled. Now follow these steps: |
=== Setting up in appliance menu === | === Setting up in appliance menu === | ||
| − | # Enter appliance menu and chose "Add sub-provider" option. | + | # Enter appliance menu and chose "Network..." -> "Add IP" to add the public IP address (if not yet done). |
| − | # Choose the added IP address (internal address if behind firewall, router or | + | # Enter "Provider..." -> "Add sub-provider" option. |
| − | # Enter the server name of the new sub-provider | + | # Choose the added IP address (internal address if behind firewall, router or load-balancer). |
| − | # Select "Edit | + | # Enter the server name of the new sub-provider and answer all questions asked by the system. |
| − | # Import the | + | # Select "Edit Subprovider..." in the appliance menu and chose the added sub-provider from the menu |
| + | # Import the SSL certificate using "Import Cert & Optionally key" from the appliance menu (not needed if the load balancer holds the certificates) | ||
# If the provider system is running a cross-master replication, ensure that you also configure the other system in the same manner | # If the provider system is running a cross-master replication, ensure that you also configure the other system in the same manner | ||
| Line 37: | Line 36: | ||
# Complete the settings of the new sub-provider and finish it by clicking "Save changes" | # Complete the settings of the new sub-provider and finish it by clicking "Save changes" | ||
# Create or select a user for the administration of the new sub-provider | # Create or select a user for the administration of the new sub-provider | ||
| − | # Assign this user to the new sub-provider by using "Manage user -> Change the user data" | + | # Assign this user to the new sub-provider by using "Manage user" -> "Change the user data" |
# Go back to "Manage sub-provider" and select "Manage portal administration roles". Here you can assign the role "sub-provider admin" to the mentioned user | # Go back to "Manage sub-provider" and select "Manage portal administration roles". Here you can assign the role "sub-provider admin" to the mentioned user | ||
| − | # Now this user can access the reduced web administration of the sub-provider by calling the | + | # Now this user can access the reduced web administration of the sub-provider by calling the URL https://[subproviderdomain]/ADMINISTRATION |
Revision as of 14:51, 19 January 2018
Contents
Prerequisites and information
Network
- You need a new public IPv4 IP address for a sub-provider.
- The IP must be configured to route to your regify provider software appliance or load-balancer (depending on your configuration).
- Internal routing IP address must get added in provider appliance menu.
- A new DNS A-record must be made to route your new domain (like sub-provider.company.com) to the new public IP address.
- If your provider runs with own MTA (one setting for all provider instances), you also need a reverse DNS entry for email to make it work.
Certificate
- Buy a SSL certificate for the needed sub-provider domain.
- While setting up the new sub-provider in your appliance menu, a new certificate is generated.
- You can display the signing request by choosing "Show Cert Request" in appliance menu.
- Use the signing request to order your certificate.
- If received, collect the certificate, all intermediate certificates and root certificate (only Provider < V3.4) in a text editor.
- Import certificate using "Import Signed Cert" from appliance menu and past text editor content.
- Check correct certificate chain here [1] (maybe only possible after finished setup).
Setting up the sub-provider
Please ensure that all prerequisites are fulfilled. Now follow these steps:
- Enter appliance menu and chose "Network..." -> "Add IP" to add the public IP address (if not yet done).
- Enter "Provider..." -> "Add sub-provider" option.
- Choose the added IP address (internal address if behind firewall, router or load-balancer).
- Enter the server name of the new sub-provider and answer all questions asked by the system.
- Select "Edit Subprovider..." in the appliance menu and chose the added sub-provider from the menu
- Import the SSL certificate using "Import Cert & Optionally key" from the appliance menu (not needed if the load balancer holds the certificates)
- If the provider system is running a cross-master replication, ensure that you also configure the other system in the same manner
Setting up in web administration
After setting up the system in the appliance menu (on all systems), you can continue with the setup by using the web administration
- Login to the web administration of the main provider as a master admin and select "Manage sub-providers". The new sub-provider should appear in the list of sub-providers
- Selecting the new sub-provider in the list of sub-providers allows you to edit the settings in the lower area "Edit provider settings"
- Complete the settings of the new sub-provider and finish it by clicking "Save changes"
- Create or select a user for the administration of the new sub-provider
- Assign this user to the new sub-provider by using "Manage user" -> "Change the user data"
- Go back to "Manage sub-provider" and select "Manage portal administration roles". Here you can assign the role "sub-provider admin" to the mentioned user
- Now this user can access the reduced web administration of the sub-provider by calling the URL https://[subproviderdomain]/ADMINISTRATION
