When are the default Ahsay dummy / self-sign certificate acceptable for business?
The Ahsay dummy / self-signed certificate which is bundled with every AhsayCBS installation by default, is a handy tool to have, but using it for a production backup server could be a big mistake.
Here's when it makes sense and when it doesn't.
For a public facing backup server
For any public facing backup server (WAN environment), it is never a good idea to deploy your AhsayCBS with the default dummy / self-signed certificate. You must put a very trustworthy front for your customers.
Most browsers, such as Google Chrome and Mozilla Firefox, will display a security alert because the default Ahsay dummy / self-signed certificate was not verified by a trusted Certificate Authority.
The security warnings associated with the default Ahsay dummy / self-signed certificate may drive away potential customers with fear that the website does not secure their credentials and data.
For an internal facing backup server
For an internal backup server (LAN environment), the default Ahsay dummy / self-signed certificate should only be used on a temporary phase or for testing purposes.
Many organizations advise internal users to simply ignore the warnings but this could encourage dangerous public browsing behaviour. Internal users accustomed to ignoring warnings on internal sites may be inclined to ignore warnings on public sites as well.
To conclude, the simple fact is, the default Ahsay dummy / self-signed certificate should only be used for temporary internal LAN-only services, or for testing purposes.
For any other setup, it is strongly recommended to install a trusted SSL certificate for your backup service.
Note:
For instruction on how to install a trusted SSL certificate for your AhsayCBS server, refer to the instruction provided in the AhsayCBS Administrator - System Settings Guide .
Click here for the Trusted CA list for: Ahsay v7 , Ahsay v8 , Ahsay v9
Alternatively, contact Sales to inquire about the SSL certificate CSR generation and SSL certificate installation services.
Please note that it is not Ahsay System's obligation to renew a dummy certificate, since the default Ahsay dummy / self-signed certificate is only intended for functionality testing purposes.
Please refer to How do I renew the Ahsay self-signed SSL and CA certificate on my AhsayCBS backup server? for instructions.