Appendix G - Securing Default Certificates on N2WS Server
Last updated
Last updated
None of the following procedures should be attempted when Backups/DR/Cleaning/S3 Copy are running. Linux Knowledge is required.
The N2WS server comes with a default self-signed HTTPS certificate that will show as ‘Not Secure’ in the browser. You can secure the certificate and reach the UI by either:
Selecting the Advanced button in the ‘Your connection is not private” message, or
Adding an exception to the browser. See the Appendix B screenshot in the N2WS Quick Start Guide at
If you purchased an HTTPS certificate from a certificate authority, you can replace the default certificate with the new one as follows:
Connect to the N2WS instance over SSH.
Use ‘sudo’ to reach the certificate folder, keeping the ownership and permissions of the files (‘cp’).
Go to /opt/n2wsoftware/cert
4. In the folder, replace cpm_server.crt and cpm_server.key with new files having the same names.
5. If you are using MobaXterm, you can drag/drop files to the SSH session, and then copy the files to the correct folder.
6. After replacing the files, restart Apache: sudo service apache2 restart
For full details, see
To test the certificate before deploying to production:
The user can launch a new N2WS trial instance to see if the new certificate works there.
If there are any issues, you can restore/recreate the original default certificate as follows:
Only perform these steps if you know how to use SSH and Linux commands.
Connect to the N2WS instance over SSH using a tool such as PuTTY or MobaXterm.
Use ‘sudo’ to reach the certificate folder, keeping the ownership and permissions of the files: sudo su
Go to /opt/n2wsoftware/cert:
4. Move the existing .crt and .key files to a new name:
5. Stop/Start the instance.
For full details, see