How Do I Obtain and Import the Email OTP Certificates?
Question
Multi-factor authentication is controlled by the Email OTP certificates. Users must obtain the Email OTP CA client and server certificates, and import the client CA certificate to the storage system and the server certificate to the SMTP server. How do I obtain and import the Email OTP certificates?
Answer
- Obtain the client CA certificate and server certificate using either of the following methods:
- Download the client CA certificate from the third-party CA center. After it is signed, export the server certificate.
- Obtain the CA certificates using the certificate management software. The following uses OpenSSL as an example. For details on how to use OpenSSL, refer to its documentation.
- Run the openssl command to generate the self-signed client CA certificate.
- Run the openssl command to generate the server certificate using the client CA.
- Import the self-signed root CA certificate of the client to the storage system.
- Log in to DeviceManager.
- Choose Settings > Certificate Management.
- Select Email OTP certificate and click Import Certificate.
- Import the CA certificate file and click OK.
- Import the server certificate to the SMTP server.
The following uses the hMailServer as an example.
- Log in to the hMailServer.
- Choose Settings > Advanced > SSL certificates.
- Click Add and import the certificate.
- Click Save.
- Choose Settings > Advanced > TCP/IP ports.
- Select the port of the mail server, set Connection security to SSL/TLS, and select the imported certificate in SSL Certificate.
- Click Save.