Specifications
Getting Started 37
In order to only allow secured connections when accessing the Web administration interface, you
need to supply a digital SSL certificate which will be stored on the Barracuda Load Balancer. This
certificate is used as part of the connection process between client and server (in this case, a browser
and the Web administration interface on the Barracuda Load Balancer). The certificate contains the
server name, the trusted certificate authority, and the server’s public encryption key.
The SSL certificate which you supply may be either private or trusted. A private, or self-signed,
certificate provides strong encryption without the cost of purchasing a certificate from a trusted
certificate authority (CA). However, the client Web browser will be unable to verify the authenticity
of the certificate and a warning will be sent about the unverified certificate. To avoid this warning,
download the Private Root Certificate and import it into each browser that accesses the Barracuda
Load Balancer Web administration interface. You may create your own private certificate using the
Advanced > Secure Admin page.
You may also use the default pre-loaded Barracuda Networks certificate. The client Web browser will
display a warning because the hostname of this certificate is "barracuda.barracudanetworks.com" and
it is not a trusted certificate. Because of this, access to the Web administration interface using the
default certificate may be less secure.
A trusted certificate is a certificate signed by a trusted certificate authority (CA). The benefit of this
certificate type is that the signed certificate is recognized by the browser as trusted, thus preventing
the need for manual download of the Private Root Certificate.
Note
The SSL configuration referred to here is only related to the Web administrative interface. To
enable SSL offloading for a Service, refer to SSL Offloading on page 47.