[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
RE: [cobalt-users] Equifax Secure Certificate installation on RAQ3
- Subject: RE: [cobalt-users] Equifax Secure Certificate installation on RAQ3
- From: "Cobalt" <cobalt@xxxxxxxxxxxx>
- Date: Sat Sep 16 13:40:23 2000
I had this same problem. I ended up talking to a tech support guy that was
extremely helpful. I think his name was Richard or Rick. I had to make a
couple of modifications to the instructions. Apparently there are different
instructions for different RAQ3's. Must be something to do with OS updates
or something.
Anyway, I would highly recommend sending in an email and ask for them to
give you a call. It took him about 10 minutes to work our way to a
solution.
Scott
> -----Original Message-----
> From: cobalt-users-admin@xxxxxxxxxxxxxxx
> [mailto:cobalt-users-admin@xxxxxxxxxxxxxxx]On Behalf Of Jerald C Jones
> Sent: Saturday, September 16, 2000 9:20 AM
> To: cobalt-users@xxxxxxxxxxxxxxx
> Subject: RE: [cobalt-users] Equifax Secure Certificate installation on
> RAQ3
>
>
> Hmmmm. When I try to go to your secure site, I get an error from
> my browser that it does not recognise the issuer of the certificate
> and it asks me if I want to trust the cert or not (Using IE 5).
> This is exactly the same behavior I get from my site when I use a
> Self Signed certificate.
>
> JC Jones :)
>
> > -----Original Message-----
> > From: cobalt-users-admin@xxxxxxxxxxxxxxx
> > [mailto:cobalt-users-admin@xxxxxxxxxxxxxxx]On Behalf Of Mark Baker -
> > Cobalt Lists
> > Sent: Saturday, September 16, 2000 4:03 AM
> > To: cobalt-users@xxxxxxxxxxxxxxx
> > Subject: Re: [cobalt-users] Equifax Secure Certificate installation on
> > RAQ3
> >
> >
> > We were told that these instructions are wrong, and we designed for the
> > RaQ2, so you can paste the certificate in to the normal GUI window.
> >
> > However we had to rebuild our RaQ3 (after the certificate installation
> > damaged it) so I backed up the key file e.t.c but now I'm not having any
> > luck getting the certificate to work again!
> > It pastes in OK and doesn't give any errors, but take a look at
> > https://secure.darkuk.net to see the problem.
> >
> > Any ideas anyone? Maybe someone from cobalt can comment?
> >
> > Regards,
> >
> > Mark Baker
> > Dark Marketing Ltd
> > http://www.yoursitehere.co.uk
> >
> > Reply e-mail: mark@xxxxxxxxxxxxxxxxxx
> > ----- Original Message -----
> > From: Support <support@xxxxxxxxxxxx>
> > To: <cobalt-users@xxxxxxxxxxxxxxx>
> > Sent: Wednesday, September 13, 2000 10:59 PM
> > Subject: [cobalt-users] Equifax Secure Certificate installation on RAQ3
> >
> >
> > > It seems like a few people have had trouble getting their Equifax
> > > certificate working on the RAQ3. I know I did. These
> instructions are
> > what
> > > Equifax sent me after a half a dozen e-mails. I used the
> first of these
> > > methods... and had a few problems, so I also did the second
> method. And
> > > everything is finally working great. The certificate that I
> got was for
> > the
> > > server name itself. I hope this helps someone out there.
> > > BTW - thanks all for the helpful suggestions.
> > > ===================================
> > >
> > > Instructions for installing Equifax certificates on
> > > Cobalt RaQ3 and RaQ3i platforms.
> > >
> > > =========================================================
> > >
> > > A) If installing a certificate for the "main" site
> > > (which automatically includes the web-based admin suite):
> > >
> > > 1) shut down the administrative Apache server, using (as root):
> > > /etc/rc.d/init.d/admserv stop
> > >
> > > 2) Copy the contents of "Your_Web_Server_Certificate.txt"
> > > into the file: /home/sites/home/certs/certificate
> > > Be sure to copy the ENTIRE certificate contents from
> > > the "-----BEGIN CERTIFICATE-----" up to and including
> > > the "-----END CERTIFICATE-----" lines.
> > >
> > > 3) Copy the contents of "Equifax_Secure_eBusiness_CA-2.txt"
> > > into the file: /home/sites/home/certs/ca
> > > Be sure to copy the ENTIRE certificate contents from
> > > the "-----BEGIN CERTIFICATE-----" up to and including
> > > the "-----END CERTIFICATE-----" lines.
> > >
> > > 4) Edit the file:
> > > /etc/admserv/conf/ssl.conf
> > > making sure the bottom of the file reads as follows:
> > >
> > > # Server Certificate:
> > > SSLCertificateFile /home/sites/home/certs/certificate
> > > SSLCertificateKeyFile /home/sites/home/certs/key
> > > SSLCACertificateFile /home/sites/home/certs/ca
> > >
> > > 5) Restart the administrative apache server, using:
> > > /etc/rc.d/init.d/admserv start
> > >
> > > =========================================================
> > >
> > > B) If installing a certificate for a virtual site (eg. "site1"):
> > >
> > > 1) shut down the main Apache server, using (as root):
> > > /etc/rc.d/init.d/httpd stop
> > >
> > > 2) Copy the contents of "Your_Web_Server_Certificate.txt"
> > > into the file: /home/sites/site1/certs/certificate
> > > [replace "site1" as appropriate]
> > > Be sure to copy the ENTIRE certificate contents from
> > > the "-----BEGIN CERTIFICATE-----" up to and including
> > > the "-----END CERTIFICATE-----" lines.
> > >
> > > 3) Copy the contents of "Equifax_Secure_eBusiness_CA-2.txt"
> > > into the file: /home/sites/site1/certs/ca
> > > [replace "site1" as appropriate]
> > > Be sure to copy the ENTIRE certificate contents from
> > > the "-----BEGIN CERTIFICATE-----" up to and including
> > > the "-----END CERTIFICATE-----" lines.
> > >
> > > 4) Edit the file:
> > > /etc/httpd/conf/httpd.conf
> > > making sure the appropriate part of the file reads:
> > >
> > > # Hardcoded, issues with mod_perl and cobalt modules.
> > > if (/^<\/Virtual/ and (-f "/etc/httpd/ssl/$group")) {
> > > $ret = ssl_cert_check("/home/sites/$group/certs/");
> > > if ($ret=~/^2/o) {
> > > $PerlConfig .= "Listen $ip:443\n";
> > > $PerlConfig .= "<VirtualHost $ip:443>\n";
> > > $PerlConfig .= "SSLengine on\n";
> > > $PerlConfig .= "SSLCertificateFile
> > /home/sites/$group/certs/certificate\n";
> > > $PerlConfig .= "SSLCertificateKeyFile /home/sites/$group/certs/key\n";
> > > $PerlConfig .= "SSLCACertificateFile /home/sites/$group/certs/ca\n";
> > > $PerlConfig .= join('', @ssl_conf);
> > > } elsif
> (ssl_cert_check("/home/sites/home/certs/") =~ /^2/ ) {
> > > $PerlConfig .= "Listen $ip:443\n";
> > > $PerlConfig .= "<VirtualHost $ip:443>\n";
> > > $PerlConfig .= "SSLengine on\n";
> > > $PerlConfig .= "SSLCertificateFile
> /home/sites/home/certs/certificate\n";
> > > $PerlConfig .= "SSLCertificateKeyFile /home/sites/home/certs/key\n";
> > > $PerlConfig .= "SSLCACertificateFile /home/sites/home/certs/ca\n";
> > > $PerlConfig .= join('', @ssl_conf);
> > > } else {
> > > print STDERR "Site $group has invalid certificate:
> > $ret\n";
> > >
> > > 5) Restart the main Apache server, using:
> > > /etc/rc.d/init.d/httpd start
> > >
> > > Note: If installing more than one certificate on a single RaQ3(i),
> > > each relevant site must be on its own IP address.
> > >
> > > =========================================================
> > > Michael Snudden
> > > http://raventec.com
> > >
> > >
> > >
> > > _______________________________________________
> > > cobalt-users mailing list
> > > cobalt-users@xxxxxxxxxxxxxxx
> > > To Subscribe or Unsubscribe, please go to:
> > > http://list.cobalt.com/mailman/listinfo/cobalt-users
> >
> >
> > _______________________________________________
> > cobalt-users mailing list
> > cobalt-users@xxxxxxxxxxxxxxx
> > To Subscribe or Unsubscribe, please go to:
> > http://list.cobalt.com/mailman/listinfo/cobalt-users
> >
>
>
> _______________________________________________
> cobalt-users mailing list
> cobalt-users@xxxxxxxxxxxxxxx
> To Subscribe or Unsubscribe, please go to:
> http://list.cobalt.com/mailman/listinfo/cobalt-users
>