[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [cobalt-users] purchasing a secure certificate from Thawte

Subject: Re: [cobalt-users] purchasing a secure certificate from Thawte
From: "Doug MacAdam" <admac@xxxxxxxxxxxx>
Date: Thu Jun 8 12:41:51 2000

Brian,
When you produce the Cert request to send to Thawte, the corresponding key
file(s) generated in that sites /certs directory. Make a copy of the one you
sent, and the ones that will be in the /home/sites/host.whatever.com/certs/
directory, and store them in a safe box in another country :). When Thawte
approves and issues your certificate, it should be as simple as pasting
their cert in the open field in the GUI, adjacent your certificate request
(leaving the -----BEGIN CERTIFICATE-----, and  -----END CERTIFICATE-----
lines in place!), then "use manually entered cert", and save. Now you have
https://host.whatever.com/sucurefiles
 They are intense about backing up those /certs files because if you go back
into the GUI after sending the request to thawte, and create another request
cert for whatever reason, it will overwrite the key thats currently in the
/certs directory.....making the cert that Thawte is about to send you
unmatched, and worthless. :)
Have Fun
Doug
----- Original Message -----
From: "Brian Baggett" <bbaggett@xxxxxxxxxx>
To: <cobalt-users@xxxxxxxxxxxxxxx>
Cc: <cobalt-security@xxxxxxxxxxxxxxx>
Sent: Monday, June 05, 2000 1:00 PM
Subject: [cobalt-users] purchasing a secure certificate from Thawte


I'm following the instructions in the RaQ3 manual for setting up SSL using
an externally authenticated digital certificate and I don't see any mention
of my private key.  However, Thawte makes it sound like my life will end if
I don't have a secure back up of this thingy.  Quote from Thawte's site,

"Please make sure that you have a backup of your private key, and that you
know the passphrase that protects it. Your certificate will not work without
the private key, and we cannot simply reissue your certificate if your key
is lost or corrupted, or if you can't remember the passphrase. Protecting
your private key is your primary responsibility if you want to conduct
business online. Your private key is like a company stamp."

I assume that this is all handled under the covers by the RaQ3's GUI program
and Cobalt doesn't mention it because they want to keep things simple (on
the surface anyway).  Should I just press on with the instructions from the
RaQ's user manual or should I be more concerned about finding and backing up
my private key?  Is it secure enough in the default location?

Thanks in advance,
Brian


-----Original Message-----
From: Thescripter@xxxxxxx [mailto:Thescripter@xxxxxxx]
Sent: Monday, June 05, 2000 9:28 AM
To: cobalt-users@xxxxxxxxxxxxxxx
Subject: Re: [cobalt-users] DNS-Entry via CGI-Script... again.


Hi! You can automate this step by doing:
system("/etc/rc.d/init.d/named restart");

_______________________________________________
cobalt-users mailing list
cobalt-users@xxxxxxxxxxxxxxx
To Subscribe or Unsubscribe, please go to:
http://list.cobalt.com/mailman/listinfo/cobalt-users


_______________________________________________
cobalt-users mailing list
cobalt-users@xxxxxxxxxxxxxxx
To Subscribe or Unsubscribe, please go to:
http://list.cobalt.com/mailman/listinfo/cobalt-users

References:
- [cobalt-users] purchasing a secure certificate from Thawte
  - From: Brian Baggett

Prev by Date: RE: [cobalt-users] CGI scripts
Next by Date: RE: [cobalt-users] End-user documentation.
Previous by thread: RE: [cobalt-users] purchasing a secure certificate from Thawte
Next by thread: [cobalt-users] Sendmail error

Sun Cobalt Users Message Index

Sun Cobalt Users Thread Index