Step 4: Install Web Server Certificates On Server 1; Install The Public Key Certificate; Install The Private Key Certificate; Verify The Certificates - Colubris Networks CN3000 Administrator's Manual

Chapter 14 - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Sample setup - Backend software - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Chapter 14

Step 4: Install web server certificates on Server 1

Certificates enable client station to validate the identity of a web server. Refer to
Chapter
how to create them. You can use the sample provided with this demo in
c:\colubris\certificates or create your own. Once you have created your certificates
install them as explained in this section.
Install the public The web server public key certificate will be contained in a password-protected file. To
avoid entering the password every time you start the server, you should decrypt the
key certificate
certificate before installing it.
1. Open a command-line session.
2. Go to the directory c:\colubris\certificates.
3. Run the command: decryptkey certificate > server.key
4. Copy server.key to c:\OpenSA\Apache\conf\ssl.key\. Overwrite an existing file if
Install the
The web server public key certificate will be contained in a .pem file.
1. Open a command-line session.
private key
2. Copy the certificate file (.pem) to the file server.crt. For example:
certificate
3. Copy server.crt to c:\OpenSA\Apache\conf\ssl.crt\. Overwrite an existing file if
Verify the
1. Launch a command-line session.
2. Edit the file c:\WINNT\system32\drivers\etc\hosts file and add the following line:
certificates
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - 310 - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
10: SSL certificates
Replace certificate with the name of the certificate file. If you are using the sample
provided, the PEM pass phrase is: www.company.com. For example:
C:\colubris\certificates>decryptkey www.company.com > server.key
read RSA key
Enter PEM pass phrase:
writing RSA key
The unencrypted certificate is written to server.key.
prompted.
c:\colubris\certificates>copy www.company.com.pem server.crt
prompted.
192.168.2.99 www.company.com
If you generated your own certificate replace www.company.com with the name
you specified in your certificate.
for complete discussion of certificates and examples on