To reduce throttling and API limits, you can now use extra accounts or credentials during GIT and ADO restores.
CHANGELOG
🏠︎ HOME@ WEBSITE↘ FREE TRIAL✉︎ CONTACT SUPPORT

Enabling HTTPS for on-premise Xopero ONE installation

Linux & Windows

Configuration

  1. Open the appsettings.json file located in the Xopero ONE Management Service installation directory:

    • Windows (default): C:\Program Files\Xopero ONE Backup&Recovery

    • Linux (default): /opt/XoperoONEManagementService

The file is a standard JSON configuration file that needs to be modified.

  1. Locate the "commented_out_Kestrel" section, which by default looks like this:

"commented_out_Kestrel": {
"Endpoints": {
"Http": {
"Url": "http://*:5000"
}

  1. Modify the section by removing the commented_out_ prefix and providing the HTTPS configuration as follows:

"Kestrel": {
"Endpoints": {
      		"Http": {
      		 		"Url": "http://*:5000"
      },
		"Https": {
				"Url": "https://*:5001",
				"Certificate":{
						"Path": "<.pfx file path>",
						"Password": "<certificate password>"
		}
	  }
    }
  }

Path - path to .pfx file (Remember to use double slash, so in case you're keeping the certificate in C:\cert.pfx directory provide the path in the following way: C:\\cert.pfx)

  • Path: full path to the .pfx certificate file. Remember to use double backslashes on Windows. For example, if the certificate is located at C:\cert.pfx, enter it as:

    C:\\cert.pfx

  • Password: the password for the certificate.

Learn more about the Kestrel configuration on the official Microsoft website.

Restarting the Xopero ONE Management Service

After editing the appsettings.json file, restart the Xopero ONE Management Service to apply the changes:

  • On Windows:

net stop XoperoONEManagementService
net start XoperoONEManagementService

  • On Linux:

systemctl restart XoperoONEManagementService

After setting up HTTPS for the Management Service, you need to switch agent communication to HTTPS. To do this, locate the config.json file in the agent installation directory (by default: C:\Program Files\Xopero ONE Backup&Recovery Agent), open it in a text editor, and modify the ServiceUrl parameter to use the https:// protocol. Save the changes and restart the agent to apply the new settings.

Docker

Configuration

When deploying a container with your Xopero ONE service, you must include two additional environment variables: ASPNETCORE_Kestrel__Certificates__Default__Path and ASPNETCORE_Kestrel__Certificates__Default__Password. These variables define the path to your SSL certificate and its corresponding password, respectively.

As the "Value" of specific variables enter as follows:

  • ASPNETCORE_Kestrel__Certificates__Default__Path - path to certificate in .pfx format.

  • ASPNETCORE_Kestrel__Certificates__Default__Password - password to certificate.

It is essential to ensure that the certificate is stored in a mounted and persistent location, so that it remains available and is not removed or lost during container updates or redeployments.

It is important to note that, in addition to implementing the certificate on the management console host, all devices connecting to the console must also recognize this certificate as trusted.

Therefore, in the case of self-signed certificates, the certificate must also be imported on all devices that will connect to the console. Otherwise, the encrypted HTTPS connection may be rejected due to an untrusted certificate.

Last updated