Before You Begin; Using Existing Keys And Certificates - SonicWALL SSL-R User Manual

Secure sockets layer ffloading solutions that allow servers to provide both secure and non-secure services at the same high speeds

Hide thumbs Also See for SSL-R:

Hardware manual (4 pages)

Table Of Contents

100

101

102

103

104

105

106

107

108

109

110

111

112

113

114

115

116

117

118

119

120

121

122

123

124

125

126

127

128

129

130

Table of Contents

•

Use 443 as the SSL TCP service port and 81 (or another unused port) for the clear

text port. Configure the server to monitor port 81. TCP service port 80 requests are

serviced normally.

All data sent on any other port is passed through transparently in both directions. See the

remoteport and sslport commands in Chapter C Command Summary.

Before You Begin

Before configuring the SSL appliance you must have a certificate and keys for the server.

You can use the files you received from the Certificate Authority, copy the keys and

certificate from an existing secure server, or generate keys and certificates with OpenSSL.

Additionally, be aware that you must make several changes to your web pages. The nature

of the changes depends upon whether you are securing a previously unsecured site, or

adding the SSL appliance to an already secure server installation. These changes are

described in section "Website Configuration" in Chapter 2 Installation.

Using Existing Keys and Certificates

If you already have a secure server, you can transfer the keys and certificate to the SSL

appliance. Follow the instructions below, or refer to the web server software

documentation for detailed information.

Key and certificate file names cannot contain spaces and must be compatible with

Note:

the server operating system. When prompted either to name a key or certificate

file or check the name of a key or certificate file, please ensure the names follow

these conventions.

Apache mod_SSL

The key and certificate locations are listed in the $APACHEROOT/conf/httpd.conf file.

The default key is $APACHEROOT/conf/ssl.key/*.key. The default certificate is

$APACHEROOT/conf/ssl.crt/*.crt. Note the name and location of these elements.

ApacheSSL

The key and certificate locations are listed in the $APACHESSLROOT/conf/httpd.conf

file. The default key is $APACHEROOT/certs/*.key. The default certificate is

$APACHEROOT/certs/*.crt. Note the name and location of these elements.

Stronghold

The key and certificate locations are listed in the $STRONGHOLDROOT/conf/

httpd.conf file. The default key is $STRONGHOLDROOT/ssl/private/*.key. The

default certificate is $STRONGHOLDROOT/ssl/*.cert. Note the name and location of

these elements.

IIS 4 on Windows NT

The certificate file is in the directory specified when the certificate was downloaded.

Chapter 3 SSL Introduction

Page 27

Table of Contents

This manual is also suitable for:

Ssl-ia

Before You Begin; Using Existing Keys And Certificates - SonicWALL SSL-R User Manual

Before You Begin

Using Existing Keys and Certificates

Related Manuals for SonicWALL SSL-R

Related Content for SonicWALL SSL-R

This manual is also suitable for:

Table of Contents