[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

RE: [cobalt-users] Equifax Secure Certificate installation on RAQ3

Subject: RE: [cobalt-users] Equifax Secure Certificate installation on RAQ3
From: Jerald C Jones <jcjones@xxxxxxxxxx>
Date: Sat Sep 16 09:23:32 2000

Hmmmm. When I try to go to your secure site, I get an error from my browser that it does not recognise the issuer of the certificate
and it asks me if I want to trust the cert or not (Using IE 5).  This is exactly the same behavior I get from my site when I use a
Self Signed certificate.

JC Jones  :)

> -----Original Message-----
> From: cobalt-users-admin@xxxxxxxxxxxxxxx
> [mailto:cobalt-users-admin@xxxxxxxxxxxxxxx]On Behalf Of Mark Baker -
> Cobalt Lists
> Sent: Saturday, September 16, 2000 4:03 AM
> To: cobalt-users@xxxxxxxxxxxxxxx
> Subject: Re: [cobalt-users] Equifax Secure Certificate installation on
> RAQ3
>
>
> We were told that these instructions are wrong, and we designed for the
> RaQ2, so you can paste the certificate in to the normal GUI window.
>
> However we had to rebuild our RaQ3  (after the certificate installation
> damaged it) so I backed up the key file e.t.c but now I'm not having any
> luck getting the certificate to work again!
> It pastes in OK and doesn't give any errors, but take a look at
> https://secure.darkuk.net to see the problem.
>
> Any ideas anyone? Maybe someone from cobalt can comment?
>
> Regards,
>
> Mark Baker
> Dark Marketing Ltd
> http://www.yoursitehere.co.uk
>
> Reply e-mail: mark@xxxxxxxxxxxxxxxxxx
> ----- Original Message -----
> From: Support <support@xxxxxxxxxxxx>
> To: <cobalt-users@xxxxxxxxxxxxxxx>
> Sent: Wednesday, September 13, 2000 10:59 PM
> Subject: [cobalt-users] Equifax Secure Certificate installation on RAQ3
>
>
> > It seems like a few people have had trouble getting their Equifax
> > certificate working on the RAQ3.  I know I did.  These instructions are
> what
> > Equifax sent me after a half a dozen e-mails.  I used the first of these
> > methods... and had a few problems, so I also did the second method.  And
> > everything is finally working great.  The certificate that I got was for
> the
> > server name itself.  I hope this helps someone out there.
> > BTW - thanks all for the helpful suggestions.
> > ===================================
> >
> > Instructions for installing Equifax certificates on
> > Cobalt RaQ3 and RaQ3i platforms.
> >
> > =========================================================
> >
> > A) If installing a certificate for the "main" site
> > (which automatically includes the web-based admin suite):
> >
> > 1) shut down the administrative Apache server, using (as root):
> > /etc/rc.d/init.d/admserv stop
> >
> > 2) Copy the contents of "Your_Web_Server_Certificate.txt"
> > into the file:  /home/sites/home/certs/certificate
> > Be sure to copy the ENTIRE certificate contents from
> > the "-----BEGIN CERTIFICATE-----" up to and including
> > the "-----END CERTIFICATE-----" lines.
> >
> > 3) Copy the contents of "Equifax_Secure_eBusiness_CA-2.txt"
> > into the file:  /home/sites/home/certs/ca
> > Be sure to copy the ENTIRE certificate contents from
> > the "-----BEGIN CERTIFICATE-----" up to and including
> > the "-----END CERTIFICATE-----" lines.
> >
> > 4) Edit the file:
> > /etc/admserv/conf/ssl.conf
> > making sure the bottom of the file reads as follows:
> >
> > #   Server Certificate:
> > SSLCertificateFile    /home/sites/home/certs/certificate
> > SSLCertificateKeyFile /home/sites/home/certs/key
> > SSLCACertificateFile  /home/sites/home/certs/ca
> >
> > 5) Restart the administrative apache server, using:
> > /etc/rc.d/init.d/admserv start
> >
> > =========================================================
> >
> > B) If installing a certificate for a virtual site (eg. "site1"):
> >
> > 1) shut down the main Apache server, using (as root):
> > /etc/rc.d/init.d/httpd stop
> >
> > 2) Copy the contents of "Your_Web_Server_Certificate.txt"
> > into the file: /home/sites/site1/certs/certificate
> > [replace "site1" as appropriate]
> > Be sure to copy the ENTIRE certificate contents from
> > the "-----BEGIN CERTIFICATE-----" up to and including
> > the "-----END CERTIFICATE-----" lines.
> >
> > 3) Copy the contents of "Equifax_Secure_eBusiness_CA-2.txt"
> > into the file:  /home/sites/site1/certs/ca
> > [replace "site1" as appropriate]
> > Be sure to copy the ENTIRE certificate contents from
> > the "-----BEGIN CERTIFICATE-----" up to and including
> > the "-----END CERTIFICATE-----" lines.
> >
> > 4) Edit the file:
> > /etc/httpd/conf/httpd.conf
> > making sure the appropriate part of the file reads:
> >
> >         # Hardcoded, issues with mod_perl and cobalt modules.
> >         if (/^<\/Virtual/ and (-f "/etc/httpd/ssl/$group")) {
> >             $ret = ssl_cert_check("/home/sites/$group/certs/");
> >             if ($ret=~/^2/o) {
> >                 $PerlConfig .= "Listen $ip:443\n";
> >                 $PerlConfig .= "<VirtualHost $ip:443>\n";
> >                 $PerlConfig .= "SSLengine on\n";
> > $PerlConfig .= "SSLCertificateFile
> /home/sites/$group/certs/certificate\n";
> > $PerlConfig .= "SSLCertificateKeyFile /home/sites/$group/certs/key\n";
> > $PerlConfig .= "SSLCACertificateFile /home/sites/$group/certs/ca\n";
> >                 $PerlConfig .= join('', @ssl_conf);
> >             } elsif (ssl_cert_check("/home/sites/home/certs/") =~ /^2/ ) {
> >                 $PerlConfig .= "Listen $ip:443\n";
> >                 $PerlConfig .= "<VirtualHost $ip:443>\n";
> >                 $PerlConfig .= "SSLengine on\n";
> > $PerlConfig .= "SSLCertificateFile /home/sites/home/certs/certificate\n";
> > $PerlConfig .= "SSLCertificateKeyFile /home/sites/home/certs/key\n";
> > $PerlConfig .= "SSLCACertificateFile /home/sites/home/certs/ca\n";
> >                 $PerlConfig .= join('', @ssl_conf);
> >             } else {
> >                 print STDERR "Site $group has invalid certificate:
> $ret\n";
> >
> > 5) Restart the main Apache server, using:
> > /etc/rc.d/init.d/httpd start
> >
> > Note: If installing more than one certificate on a single RaQ3(i),
> > each relevant site must be on its own IP address.
> >
> > =========================================================
> > Michael Snudden
> > http://raventec.com
> >
> >
> >
> > _______________________________________________
> > cobalt-users mailing list
> > cobalt-users@xxxxxxxxxxxxxxx
> > To Subscribe or Unsubscribe, please go to:
> > http://list.cobalt.com/mailman/listinfo/cobalt-users
>
>
> _______________________________________________
> cobalt-users mailing list
> cobalt-users@xxxxxxxxxxxxxxx
> To Subscribe or Unsubscribe, please go to:
> http://list.cobalt.com/mailman/listinfo/cobalt-users
>

Follow-Ups:
- RE: [cobalt-users] Equifax Secure Certificate installation on RAQ3
  - From: Dan
- RE: [cobalt-users] Equifax Secure Certificate installation on RAQ3
  - From: Cobalt
- Re: [cobalt-users] Equifax Secure Certificate installation on RAQ3
  - From: Mark Baker - Cobalt Lists
- RE: [cobalt-users] Equifax Secure Certificate installation on RAQ3
  - From: flash22

References:
- Re: [cobalt-users] Equifax Secure Certificate installation on RAQ3
  - From: Mark Baker - Cobalt Lists

Prev by Date: RE: [cobalt-users] e-mail problem
Next by Date: RE: [cobalt-users] Equifax Secure Certificate installation on RAQ3
Previous by thread: Re: [cobalt-users] Equifax Secure Certificate installation on RAQ3
Next by thread: RE: [cobalt-users] Equifax Secure Certificate installation on RAQ3

Sun Cobalt Users Message Index

Sun Cobalt Users Thread Index