Creating an authorized SSL certificate

Similar documents
Server software page. Certificate Signing Request (CSR) Generation. Software

GlobalForms SSL Installation Tech Brief

SafeNet KMIP and Google Drive Integration Guide

C O N F IGURIN G EN HA N C ED SEC U RITY O PTIONS F O R REMOTE C O N TROL

FileAudit Plus. Steps for Enabling SSL: The following steps will help you in the installation of SSL certificate in FileAudit Plus

SSL Configuration Oracle Banking Liquidity Management Release [April] [2017]

Director and Certificate Authority Issuance

SSL/TLS Certificate Generation

Securing U2 Soap Server

Tomcat SSL Certificate Deployment Guide (generate CSR by customer)

SSL/TLS Certificate Generation

Configuring the RTP Server

SSL/TLS Certificate Generation

Meteor Quick Setup Guide Version 1.11

Configuring SSL for EPM /4 Products (Cont )

Unified Management Portal

IEA 2048 Bit Key Support for CSR on IEA Configuration Example

IceWarp SSL Certificate Process

Deploy In-Memory Parallel Graph Analytics (PGX) to Oracle Java Cloud Service (JCS)

Weblogic Configuration Oracle FLEXCUBE Investor Servicing Release [October] [2015]

Configuring IBM Rational Synergy to use HTTPS Protocol

Weblogic Configuration Oracle FLEXCUBE Universal Banking Release [May] [2017]

Cisco has more than 200 offices worldwide. Addresses, phone numbers, and fax numbers are listed on the Cisco website at

SAML with ADFS Setup Guide

Certificate Properties File Realm

Public Key Enabling Oracle Weblogic Server

Creating and Installing SSL Certificates (for Stealthwatch System v6.10)

Prepaid Online Vending System. XMLVend 2.1 Test Suite Setup Instructions

Scenarios for Setting Up SSL Certificates for View. VMware Horizon 6 6.0

DOCUMENT DESCRIPTION...

Getting Started with the VQE Startup Configuration Utility

Scenarios for Setting Up SSL Certificates for View. Modified for Horizon VMware Horizon 7 7.3

Using Certificates with HP Network Automation

Assuming you have Icinga 2 installed properly, and the API is not enabled, the commands will guide you through the basics:

Oracle Insurance Rules Palette

SAML-Based SSO Configuration

System Setup. Accessing the Administration Interface CHAPTER

Implementing Secure User Access, page 3-2 Creating Secure Passwords, page 3-6 Configuring Prime Performance Manager User Account Levels, page 3-6

Perceptive SOAPBridge Connector

akkadian Global Directory 3.0 System Administration Guide

ADSelfService Plus: Guide to Install SSL Certificate. 1 P a g e

Cisco WCS Server Hardening

SSL or TLS Configuration for Tomcat Oracle FLEXCUBE Universal Banking Release [December] [2016]


Enabling Microsoft Outlook Calendar Notifications for Meetings Scheduled from the Cisco Unified MeetingPlace End-User Web Interface

Getting Started with the VQE Startup Configuration Utility

Wildcard Certificates

How SSL works with Middle Tier Oracle HTTP Server:

SSL Configuration on WebSphere Oracle FLEXCUBE Universal Banking Release [February] [2016]

VMware vcloud Architecture Toolkit Implementation Examples. Version 3.1 January 2013

Corporate Infrastructure Solutions for Information Systems (LUX) ECAS Mockup Server Installation Guide

Configuring Oracle Java CAPS for SSL Support

Fischer International Identity Fischer Identity Suite 4.2

Configuring Java CAPS for SSL Support

Oracle Payment Interface Oracle Hospitality OPERA Property Management System Installation Guide Release 6.2 E

ADFS Setup (SAML Authentication)

Fasthosts Customer Support Generating Certificate Signing Requests

Enabling Secure Sockets Layer for a Microsoft SQL Server JDBC Connection

SAP Business One Integration Framework

Managing AON Security

Let's Encrypt - Free SSL certificates for the masses. Pete Helgren Bible Study Fellowship International San Antonio, TX

Generating Certificate Signing Requests

Oracle Insurance Policy Administration Configuration of SAML 1.1 Between OIPA and OIDC

Installation Manual. Universitätsstraße Koblenz Germany. VERSION: 11.x

Symantec PKI Enterprise Gateway Deployment Guide. v8.15

End User Experience Management

FortiNAC. Analytics SSL Certificates. Version: 5.x Date: 8/28/2018. Rev: D

DEPLOYING ORACLE ENTERPRISE MANAGER 12C IN A COMPLEX NETWORKING ENVIRONMENT Telstra Corporation Limited. All rights reserved

OpenAM Single Sign-On

PowerSchool Student Information System

AUTHORIZED DOCUMENTATION. Installation Guide. Novell Cloud Manager 1.1. December 8,

Fabric Manager Web Server

MARWATCH INSTALLATION AND UPGRADE GUIDE

PKI Cert Creation via Good Control: Reference Implementation

Mitel MiVoice Connect Security Certificates

HPE Enterprise Integration Module for SAP Solution Manager 7.1

HPE AutoPass License Server

Public Key Infrastructures

CSM - How to install Third-Party SSL Certificates for GUI access

This help covers the ordering, download and installation procedure for Odette Digital Certificates.

Quick and Easy Solutions With Free Java Libraries

Intelligence On Demand. Enterprise

BEAAquaLogic. Enterprise Security. Administration and Deployment Guide

Genesys Security Deployment Guide. What You Need

Using ISE 2.2 Internal Certificate Authority (CA) to Deploy Certificates to Cisco Platform Exchange Grid (pxgrid) Clients

VMware vcloud Architecture Toolkit Implementation Examples. Version 3.0 September 2012

Host Access Management and Security Server Administrative Console Users Guide. August 2016

Please select your version

IWeb. Installation Guide. v5.16.5

How to configure the UTM Web Application Firewall for Microsoft Remote Desktop Gateway connectivity

VMware vrealize Operations for Horizon Security. 20 SEP 2018 VMware vrealize Operations for Horizon 6.6

VMware Identity Manager Connector Installation and Configuration (Legacy Mode)

CYAN SECURE WEB HOWTO. SSL Intercept

Table of Contents 1 V3 & V4 Appliance Quick Start V4 Appliance Reference...3

Secure Web Appliance. SSL Intercept

Convio Data Sync Connector 3 Installation Guide

Installation Manual Oracle FLEXCUBE Corporate Lending [April] [2016] Part No. E

SSL Configuration: an example. July 2016

Using SSL to Secure Client/Server Connections

Configure IBM Rational Synergy with 3 rd Party LDAP Server. Release

Transcription:

Creating an authorized SSL certificate for MeetingSphere Meeting Center Server

MeetingSphere Meeting Center Server requires an authorized SSL certificate by which its Meeting center is identified, and traffic is encrypted. This document provides a step-by-step guide for creating such a certificate with Java Keytool. For your Meeting center, a simple non-wildcard SSL certificate will do. Any type of SSL certificate will expire after a specific period and need to be reissued. A. Create a private key-store Execute the following steps on a computer with Sun (Oracle) Java Development Kit 1.5 or higher. This could be your MeetingSphere Meeting Center Server which requires Sun (Oracle) JDK 1.8 in any case. 1. Call Keytool Execute the following command from the command-line prompt: keytool -genkey -alias tomcat -keyalg RSA -keysize 2048 -keystore domainname.kdb for domainname.kdb substitute your domain name. In the example this is example.com.kdb. If Java is installed correctly (Linux path variable: $JAVA_HOME/bin, Windows path variable %JAVA_HOME%\bin) you do not have to specify a path. If required, change directory to the java directory which contains the program keytool. Keytool: Creating a keystore file 2. Keystore password When prompted, specify the password for your keystore (Example: changeit ). Write this down! You require this password when deploying the keystore in the Meeting Center Server console. 2017 MeetingSphere December 2017 page 2

3. (Sub) domain name When asked What is your first and last name? specify the (sub)domain name by which your Meeting center is registered in the DNS. For a simple non-wildcard certificate you have to specify the full domain name (here example.com ) If, however, the hostname registered in the DNS results in a URL like https://meetingsphere.example.com, specify meetingsphere.example.com (everything after https:// ). In this case, use meetingsphere.example.com also as the file name of your keystore! Be aware that every combination of characters to the left of the domain name and separated by a dot constitutes a sub domain: www.example.com is a sub domain of example.com and is not covered by a simple certificate for example.com. Any discrepancy between (sub) domain name in the keystore and the actual address of your Meeting center will cause security alerts in the users browsers! 4. Organizational unit / Organization Specify the name of your department and the complete legal name of your organization. In the example this is Meeting Management and Example Inc. You may specify your organization name also for Organizational unit. Note the characters allowed for this and the following information are restricted. Characters [! @ # $ % ^ ( ) ~? > < & / \,. " '] are illegal. 5. City, state and country In the example given above these are Hamburg (city), Hamburg (state) and DE for Germany. The country is specified with its 2-letter country code according to ISO 3166-1 alpha 2 which is also used by e.g. NATO. Examples: DE, GB, FR, ES, US, JP. 6. Verify your specification keytool will display your specification for confirmation. If correct, confirm with yes. 7. Password for <tomcat> keytool prompts you again for a password. Press enter to confirm the password given above. 8. Creation and backup of the keystore file On confirmation of the password for <tomcat>, the specified keystore file (in the example example.com.kdb ) will be created and stored in the directory from which keytool was called. Create a backup of the keystore file. 2017 MeetingSphere December 2017 page 3

B. Certificate signing request (CSR) 9. Call Keytool From the command prompt, call keytool : keytool -certreq -alias tomcat -keystore domainname.kdb -file domainname.csr substitute the file name you have specified in step 1 above (e.g. example.com.kdb ) for domainname.kdb. Use that name also for the signing-request file. In our example domainname.csr should read example.com.csr. When prompted, give the password of the keystore (here: changeit ). Keytool: Creating a signing request Create another backup of the keystore, as step 9 may lead to different results if repeated. 10. Getting the domain and the SSL root certificate With your web browser go to the homepage of your SSL provider (certificate authority). Follow instructions for creating an SSL certificate. Typically, you will be asked to upload the csr file (in our example example.com.csr from the directory from which you have called keytool. Alternatively, you may be asked to open the csr file in an editor and paste its content into an input box. At the end of this procedure you will receive (by download or email) a certificate for your domain and an SSL root certificate of the certificate authority. C. Finalize the keystore To finalize the keystore, you must copy the received certificates to the directory from which you have called keytool and where the keystore (in our example example.com.kdb ) and the signing request (in our example example.com.csr ) reside. Before importing the certificates, create a backup of these files, e.g. example.com.kdb.bak. The following description presupposes two certificates i.e. the root certificate and the domain certificate. Should your SSL provider supply more than two certificates, follow the directions given by your SSL provider. However, make sure that the alias given for your certificate in steps 1 and 9 is tomcat. 11. Import the root certificate into the keystore Call keytool again: keytool -import -trustcacerts -keystore domainname.kdb -alias root -file root.cer 2017 MeetingSphere December 2017 page 4

where - domainname.kdb is your kdb file (in our example example.com.kdb ) - root.cer is the certificate of your certificate authority Keytool: Import of the root certificate in the keystore When prompted, give the password as specified in step 1 (Example: changeit ). Possibly you will be informed that the root certificate is already included in the system-wide keystore. In any case, confirm with yes! You want to add the root certificate to your specific SSL keystore! Note: Simple confirmation with Enter would count as no! 12. Import the SSL domain certificate into the Keystore Call keytool again: keytool -import -trustcacerts -keystore domainname.kdb -alias tomcat -file domainname.cer Where - domainname.kdb is your keystore file (in our example example.com.kdb ) - domainname.cer is the domain certificate received from your SSL provider (example: example.com.cer ). When prompted, give your password (example: changeit ). Keytool: Import of the domain certificate into the keystore 2017 MeetingSphere December 2017 page 5

Your keystore domainname.kdb (in the example: example.com.kdb ) is now complete and ready for use. Create a backup and store of this file in a safe place! D. Install the keystore on the Meeting Center Server 13. Upload the keystore in the server console Open the application server console > Server administration > SSL keystore control. - Specify uploaded keystore. - Upload the keystore and specify the password. MeetingSphere Inc 440 Monticello Ave, Suite 1875 Norfolk, VA 23510 United States of America www.meetingsphere.com T: 1 (703) 348 0725 Sales: sales@meetingsphere.com Support: http://meetingsphere.com/support 2017 MeetingSphere December 2017 page 6

2024 © technodocbox.com Privacy Policy | Terms of Service | Feedback