Trilio for Red Hat Virtualization
4.1
4.1
  • About TrilioVault for RHV
  • TrilioVault for RHV Architecture
  • TrilioVault for RHV 4.1 Release Notes
  • TrilioVault 4.1 Support Matrix
  • Deployment Guide
    • General requirements
    • Certificates required for TVR
    • Preparing the Installation
    • Spinning up the TrilioVault VM
    • Configure TrilioVault VM
    • Installation of RHV extensions
    • Post Installation Health-Check
    • Uninstall TrilioVault
    • Upgrade TrilioVault
  • User Guide
    • Required RHV User roles
    • Workloads
    • Preparing for Application Consistent backups
    • Snapshots
    • Restores
    • File Search
    • Snapshot mount
  • ADMIN GUIDE
    • The appliance service account
    • Configure the TrilioVault appliance login banner
    • Reset the TrilioVault GUI password
    • Shutdown/Restart the TrilioVault Appliance
    • Admin Panel
    • email alerts
    • Reporting
  • Troubleshooting
    • Important TVM Logs
    • Important RHV-Manager Logs
    • Important RHV-Host Logs
Powered by GitBook
On this page

Was this helpful?

Export as PDF
  1. Deployment Guide

Certificates required for TVR

PreviousGeneral requirementsNextPreparing the Installation

Last updated 4 years ago

Was this helpful?

The certificates explained on this page are not the certificates provided when accessing the TrilioVault VM dashboard through HTTPS.

TrilioVault for RHV is integrating into the RHV-Manager to provide a seamless experience for RHV Administrators and Users for all their Backup & Recovery needs inside RHV.

For this purpose is TrilioVault extending the RHV-Manager GUI with a new tab "Backup", which contains the sub-tabs Workloads, Admin Panel and Reporting as shown in figure 1.

The integration of TrilioVault into the RHV-Manager contains the complete GUI. This GUI still requires Data that will be shown then.

The RHV-Manager is gathering the data shown in the GUI from the client-side. This means that next to the connection to the RHV-Manager there are also connections to the systems providing the data. For all normal RHV tabs and fields is this the RHV-Manager itself.

When accessing the TrilioVault tabs there will also be a connection build-up to the TrilioVault VM, to gather the data about Workloads, Snapshots, Restores, etc. Figure 2 visualizes this connection.

As can be seen, the TrilioVault VM provides its own certificate to the Client Browser. This connection is happening in the background of the browser. This means, that untrusted certificates can not be accepted through the browser upon opening the Backup tab in the RHV-M. The certificate for the GUI is coming from the RHV-Manager and has been accepted at this point already. The certificate for the data coming from the TrilioVault VM needs to be accepted separately.

Before installing TrilioVault it is therefore required to consider which certificates the TrilioVault VM will use and how they will be distributed to the Client Browser.

During configuration is the TrilioVault VM either able to generate its own self-signed certificate or a certificate and a private key can be provided.

When a self-signed certificate is chosen can the generated certificate be downloaded from the TrilioVault VM dashboard and then added as a trusted certificate to the Client system. Or it can be accepted through the browser itself by calling the TrilioVault VM API directly.

When a certificate is provided is the private key used with that certificate also required. This private key will be used to encrypt the communication between TrilioVault VM and the Client Browser. The provided certificate still needs to be trusted by the Client system.

Wildcards can be used for a provided certificate, but they are not recommended to ensure that the communication between TrilioVault VM and Client Browser is secure.

Figure 1: TrilioVault integration into RHV-M menu
Figure 2: Connection between Client Browser and RHV-Manager