Creating a site (or server) security certificate for your system
This section describes the process of generating your certificate request, sending the request to a certificate authority and, finally, creating the security certificate document.
To create a security certificate for your FirstClass system:
1 Shut down FirstClass server.
or
Create a blank or a dummy FirstClass Network Store on a separate machine.
2 Start FirstClass Tools.
3 Choose Configure > Make Certificate Package.
4 Enter a password:
You can choose any alphanumeric password you wish. Record this password in a secure place, as you will need to use it later.
5 Click OK.
You now have to fill out a request form.
6 Complete the Certificate Request Information form.
You must fill in every field on the Certificates form.
Country name
The name of your country. For example, CA for Canada.
State or province name
The full name of your state or province. For example, Ontario.
Locality name
The full name of your city. For example, Markham.
Organization name
The full name of your organization. For example, Husky Planes Inc.
Organization unit name
The full name of the department or area in your organization for the web site. For example, Sales, Engineering, or Marketing.
If your web site is for your entire company, repeat the company name in this field.
Domain name
Web site domain name. For example, www.huskyplanes.com.
Email address
Web site email address. For example, sales@huskyplanes.com.
After you have completed the form, press OK and follow the instructions.
7 Move the mouse over the screen to generate random data.
Moving the mouse over the screen generates random information needed to generate the certificate.
Information that represents both an RSA private key and the certificate request is gathered, and text-like output is displayed to this form:
8 Copy both sections of the above information to a text file.
9 Shut down FirstClass Tools and start your FirstClass server.
If you are using a blank or dummy FirstClass Network Store on a separate machine, use this server, not your live server.
10 Open the Internet Services/SSL Certificates folder, on the administrator’s Desktop, and create a new FirstClass document.
11 Paste the first section of the text from Step 8 (starting with -----BEGIN RSA PRIVATE KEY----- and ending with -----END RSA PRIVATE KEY-----) into the document you created in the Certificates folder in Step 10.
12 Close the document and give it a meaningful name ending with one of the following: .cert, .crt, .pem, or @somedomain.com.
For example, mycert.cert or mycert@somedomain.com.
13 Choose a certificate authority, for example, VeriSign.
14 Request an SSL certificate on your certificate authority’s web site and, when prompted, paste the second section of the text from Step 7 (starting with -----BEGIN CERTIFICATE REQUEST----- and ending with -----END CERTIFICATE REQUEST-----) into the text field provided.
If you are asked what type of web server you are using, select "Other" first or "Apache", if "Other" is not available. If neither option is available, please contact your certificate authority.
Third-party vendors issue security certificates for a small fee.
To see a list of certificate authorities in the Netscape browser:
i) Choose Communicator > Tools > Security Info, while in the browser.
ii) Click Signers, located on the Certificates window.
To see a list of certificate authorities in the Microsoft Internet Explorer browser:
i) Choose Tools > Internet Options.
ii) Click Certificates on the Content tab.
iii) Click the Trusted Root Certification Authorities tab.
A certificate will be emailed back to you, containing this information:
15 Paste the above text (starting with -----BEGIN CERTIFICATE----- and ending with -----END CERTIFICATE-----) above the text in the document you created in Step 10.
16 Enter this line between the two paragraphs in the document:
password: <password here>
where <password here> should be replaced with the password you entered in step 4.
This is what your document should look like:
17 Open the Multiple Sites & Languages form and enter the certificate name (from Step 12) in "Certificate".
If you are not running multiple sites, enter the certificate name on the Advanced Web and File form. If you are running multiple sites, enter the certificate name(s) on the Multiple Sites & Languages form and leave the Advanced Web and File form blank. Use the same procedure if you are running clustered services on your system, except configure the forms for each cluster.
Change SSL Status to either Enabled or Required. Selecting Enabled instructs Internet Services to accept both secure and unsecure connections for the web site. Selecting Required instructs Internet Services to only accept secure connections.
If you want to support SSL in a multiple-site setup, you must purchase separate security certificates and pick unassigned port numbers (except for port 443, which is the default port) for each site.
18 Restart Internet Services.
You should now see the line Initialized 1 HTTPS listeners on your Internet Services console.
When you enable HTTPS, the SSL connection is in use. This means extended server-side include (XSSI) variables that describe the connection become available (are set) and can be used in XSSI scripts. Internet Services supports all industry-standard XSSI variables, with the exception of SSL_VERSION_INTERFACE. For a full listing of the variables used in Internet Services, see our online help or press F1.
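A layout check for the document assembled in Steps 10 to 16, as an added example (not FirstClass code): it confirms that the certificate sits above the password: line and the RSA private key, and catches armor lines that lost dashes during copy and paste. The function names and sample blocks are constructed for illustration; the check covers structure only, not whether the certificate matches the key.

```python
import base64
import binascii
import re

# PEM armor is exactly five dashes on each side of the BEGIN/END label.
BLOCK = re.compile(r"^-----BEGIN ([A-Z ]+)-----\n(.*?)\n-----END \1-----[ \t]*$", re.S | re.M)
ARMOR_LIKE = re.compile(r"^-+ *(?:BEGIN|END) [A-Z ]+-* *$", re.M)
ARMOR_OK = re.compile(r"-----(?:BEGIN|END) [A-Z]+(?: [A-Z]+)*-----")
PASSWORD = re.compile(r"^password:[ \t]*(\S.*)$", re.M)

def check_certificate_document(text):
    """Return layout problems for the Step 10-16 document; [] means none found."""
    text = text.replace("\r\n", "\n")
    problems = [f"malformed armor line: {line!r}"
                for line in ARMOR_LIKE.findall(text) if not ARMOR_OK.fullmatch(line.strip())]
    found = {m.group(1): m for m in BLOCK.finditer(text)}
    if "CERTIFICATE REQUEST" in found:
        problems.append("certificate request present; it belongs in the CA's form, not here")
    cert, key = found.get("CERTIFICATE"), found.get("RSA PRIVATE KEY")
    if cert is None or key is None:
        return problems + ["need one CERTIFICATE block and one RSA PRIVATE KEY block"]
    if cert.start() > key.start():
        problems.append("certificate must sit above the private key (Step 15)")
    pw = PASSWORD.search(text)
    if pw is None:
        problems.append("no 'password:' line (Step 16)")
    else:
        if not min(cert.end(), key.end()) <= pw.start() <= max(cert.start(), key.start()):
            problems.append("'password:' line is not between the two blocks")
        if pw.group(1).strip() == "<password here>":
            problems.append("password placeholder was not replaced")
    for label, m in (("CERTIFICATE", cert), ("RSA PRIVATE KEY", key)):
        # An encrypted traditional-format key carries header lines, then a blank line.
        body = m.group(2).split("\n\n")[-1]
        try:
            base64.b64decode("".join(body.split()), validate=True)
        except (binascii.Error, ValueError):
            problems.append(f"{label} body is not valid base64 (damaged while pasting?)")
    return problems

def sample_block(label, payload):
    # Constructed placeholder bytes, not real key or certificate material.
    body = base64.b64encode(payload).decode()
    return f"-----BEGIN {label}-----\n{body}\n-----END {label}-----"

GOOD = "\n".join([sample_block("CERTIFICATE", b"constructed certificate bytes"),
                  "password: example-password-from-step-4",
                  sample_block("RSA PRIVATE KEY", b"constructed private key bytes")])
```

Run it against the text of the certificate document before Step 17; an empty list means the layout matches the procedure.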