[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [cobalt-users] Equifax Secure Certificate installation on RAQ3

Thats the problem, its a real certificate. What can I do?

Regards,

Mark Baker
Dark Marketing Ltd
http://www.yoursitehere.co.uk

Reply e-mail: mark@xxxxxxxxxxxxxxxxxx
----- Original Message -----
From: Jerald C Jones <jcjones@xxxxxxxxxx>
To: <cobalt-users@xxxxxxxxxxxxxxx>
Sent: Saturday, September 16, 2000 5:20 PM
Subject: RE: [cobalt-users] Equifax Secure Certificate installation on RAQ3


> Hmmmm. When I try to go to your secure site, I get an error from my
browser that it does not recognise the issuer of the certificate
> and it asks me if I want to trust the cert or not (Using IE 5).  This is
exactly the same behavior I get from my site when I use a
> Self Signed certificate.
>
> JC Jones  :)
>
> > -----Original Message-----
> > From: cobalt-users-admin@xxxxxxxxxxxxxxx
> > [mailto:cobalt-users-admin@xxxxxxxxxxxxxxx]On Behalf Of Mark Baker -
> > Cobalt Lists
> > Sent: Saturday, September 16, 2000 4:03 AM
> > To: cobalt-users@xxxxxxxxxxxxxxx
> > Subject: Re: [cobalt-users] Equifax Secure Certificate installation on
> > RAQ3
> >
> >
> > We were told that these instructions are wrong, and we designed for the
> > RaQ2, so you can paste the certificate in to the normal GUI window.
> >
> > However we had to rebuild our RaQ3  (after the certificate installation
> > damaged it) so I backed up the key file e.t.c but now I'm not having any
> > luck getting the certificate to work again!
> > It pastes in OK and doesn't give any errors, but take a look at
> > https://secure.darkuk.net to see the problem.
> >
> > Any ideas anyone? Maybe someone from cobalt can comment?
> >
> > Regards,
> >
> > Mark Baker
> > Dark Marketing Ltd
> > http://www.yoursitehere.co.uk
> >
> > Reply e-mail: mark@xxxxxxxxxxxxxxxxxx
> > ----- Original Message -----
> > From: Support <support@xxxxxxxxxxxx>
> > To: <cobalt-users@xxxxxxxxxxxxxxx>
> > Sent: Wednesday, September 13, 2000 10:59 PM
> > Subject: [cobalt-users] Equifax Secure Certificate installation on RAQ3
> >
> >
> > > It seems like a few people have had trouble getting their Equifax
> > > certificate working on the RAQ3.  I know I did.  These instructions
are
> > what
> > > Equifax sent me after a half a dozen e-mails.  I used the first of
these
> > > methods... and had a few problems, so I also did the second method.
And
> > > everything is finally working great.  The certificate that I got was
for
> > the
> > > server name itself.  I hope this helps someone out there.
> > > BTW - thanks all for the helpful suggestions.
> > > ===================================
> > >
> > > Instructions for installing Equifax certificates on
> > > Cobalt RaQ3 and RaQ3i platforms.
> > >
> > > =========================================================
> > >
> > > A) If installing a certificate for the "main" site
> > > (which automatically includes the web-based admin suite):
> > >
> > > 1) shut down the administrative Apache server, using (as root):
> > > /etc/rc.d/init.d/admserv stop
> > >
> > > 2) Copy the contents of "Your_Web_Server_Certificate.txt"
> > > into the file:  /home/sites/home/certs/certificate
> > > Be sure to copy the ENTIRE certificate contents from
> > > the "-----BEGIN CERTIFICATE-----" up to and including
> > > the "-----END CERTIFICATE-----" lines.
> > >
> > > 3) Copy the contents of "Equifax_Secure_eBusiness_CA-2.txt"
> > > into the file:  /home/sites/home/certs/ca
> > > Be sure to copy the ENTIRE certificate contents from
> > > the "-----BEGIN CERTIFICATE-----" up to and including
> > > the "-----END CERTIFICATE-----" lines.
> > >
> > > 4) Edit the file:
> > > /etc/admserv/conf/ssl.conf
> > > making sure the bottom of the file reads as follows:
> > >
> > > #   Server Certificate:
> > > SSLCertificateFile    /home/sites/home/certs/certificate
> > > SSLCertificateKeyFile /home/sites/home/certs/key
> > > SSLCACertificateFile  /home/sites/home/certs/ca
> > >
> > > 5) Restart the administrative apache server, using:
> > > /etc/rc.d/init.d/admserv start
> > >
> > > =========================================================
> > >
> > > B) If installing a certificate for a virtual site (eg. "site1"):
> > >
> > > 1) shut down the main Apache server, using (as root):
> > > /etc/rc.d/init.d/httpd stop
> > >
> > > 2) Copy the contents of "Your_Web_Server_Certificate.txt"
> > > into the file: /home/sites/site1/certs/certificate
> > > [replace "site1" as appropriate]
> > > Be sure to copy the ENTIRE certificate contents from
> > > the "-----BEGIN CERTIFICATE-----" up to and including
> > > the "-----END CERTIFICATE-----" lines.
> > >
> > > 3) Copy the contents of "Equifax_Secure_eBusiness_CA-2.txt"
> > > into the file:  /home/sites/site1/certs/ca
> > > [replace "site1" as appropriate]
> > > Be sure to copy the ENTIRE certificate contents from
> > > the "-----BEGIN CERTIFICATE-----" up to and including
> > > the "-----END CERTIFICATE-----" lines.
> > >
> > > 4) Edit the file:
> > > /etc/httpd/conf/httpd.conf
> > > making sure the appropriate part of the file reads:
> > >
> > >         # Hardcoded, issues with mod_perl and cobalt modules.
> > >         if (/^<\/Virtual/ and (-f "/etc/httpd/ssl/$group")) {
> > >             $ret = ssl_cert_check("/home/sites/$group/certs/");
> > >             if ($ret=~/^2/o) {
> > >                 $PerlConfig .= "Listen $ip:443\n";
> > >                 $PerlConfig .= "<VirtualHost $ip:443>\n";
> > >                 $PerlConfig .= "SSLengine on\n";
> > > $PerlConfig .= "SSLCertificateFile
> > /home/sites/$group/certs/certificate\n";
> > > $PerlConfig .= "SSLCertificateKeyFile /home/sites/$group/certs/key\n";
> > > $PerlConfig .= "SSLCACertificateFile /home/sites/$group/certs/ca\n";
> > >                 $PerlConfig .= join('', @ssl_conf);
> > >             } elsif (ssl_cert_check("/home/sites/home/certs/") =~
/^2/ ) {
> > >                 $PerlConfig .= "Listen $ip:443\n";
> > >                 $PerlConfig .= "<VirtualHost $ip:443>\n";
> > >                 $PerlConfig .= "SSLengine on\n";
> > > $PerlConfig .= "SSLCertificateFile
/home/sites/home/certs/certificate\n";
> > > $PerlConfig .= "SSLCertificateKeyFile /home/sites/home/certs/key\n";
> > > $PerlConfig .= "SSLCACertificateFile /home/sites/home/certs/ca\n";
> > >                 $PerlConfig .= join('', @ssl_conf);
> > >             } else {
> > >                 print STDERR "Site $group has invalid certificate:
> > $ret\n";
> > >
> > > 5) Restart the main Apache server, using:
> > > /etc/rc.d/init.d/httpd start
> > >
> > > Note: If installing more than one certificate on a single RaQ3(i),
> > > each relevant site must be on its own IP address.
> > >
> > > =========================================================
> > > Michael Snudden
> > > http://raventec.com
> > >
> > >
> > >
> > > _______________________________________________
> > > cobalt-users mailing list
> > > cobalt-users@xxxxxxxxxxxxxxx
> > > To Subscribe or Unsubscribe, please go to:
> > > http://list.cobalt.com/mailman/listinfo/cobalt-users
> >
> >
> > _______________________________________________
> > cobalt-users mailing list
> > cobalt-users@xxxxxxxxxxxxxxx
> > To Subscribe or Unsubscribe, please go to:
> > http://list.cobalt.com/mailman/listinfo/cobalt-users
> >
>
>
> _______________________________________________
> cobalt-users mailing list
> cobalt-users@xxxxxxxxxxxxxxx
> To Subscribe or Unsubscribe, please go to:
> http://list.cobalt.com/mailman/listinfo/cobalt-users