Overview

This section allows you to manage your SSL Certificates. Certificates can be attached to Load Balancers, or to domains via Server Groups.

A note on certificates and sites

If you are reading this Manual as part of an initial evaluation of Reblaze, and if you have large numbers of certificates to manage, you should know that Reblaze treats certificates differently than most other security solutions.

It's not unusual for some companies (especially SaaS platforms) to have dozens or even hundreds of certificates to manage. Most security solutions treat each SSL Certificate as a separate "site," and they charge their customers on a per-site basis. Thus, these solutions can be extremely expensive.

Contrary to this, Reblaze does not treat certificates as sites. A certificate is merely a certificate. For customers with tens or hundreds of certificates to manage, Reblaze's monthly pricing can be an order of magnitude less than its competitors'.

Administration

The list of currently defined Certificates is displayed in the main page, shown above. From here, new certificates can be generated, or existing ones can be edited.

Generating a Certificate

Selecting the + New button displays the Generate certificate dialog:

Certificates can be added manually, or Reblaze can parse a PFX file.

Editing/Configuring a Certificate

When an existing Certificate is edited, the Edit Certificate dialog appears:

Editable parameters and controls

Auto Replacement by Let's Encrypt

Let's Encrypt is a free certificate authority service. Reblaze integrates with it, and offers this service by default.

Once a day, Reblaze will check each application it protects. If that application's certificate is going to expire in the coming week, and its Auto Replacement by Let's Encrypt option for that certificate is enabled, Reblaze will generate a new certificate using Let's Encrypt, and will attach all of its sites to the new certificate.

Attach To Application

This tab includes a list of Server Groups. Selecting one will connect this Certificate to it.

Replace Existing Certificate

This tab includes a list of Certificates defined within the system. Selecting one and then clicking Save will result in all sites/applications being transferred from the selected Certificate over to the Certificate you're currently editing.

Download PFX

This will download the certificate information as a file in PFX format.