Rhn Ssl Maintenance Tool Options - Red Hat NETWORK SATELLITE 5.1.0 - CLIENT Configuration Manual
Client configuration
Hide thumbs
Also See for NETWORK SATELLITE 5.1.0 - CLIENT:
- Release note (12 pages) ,
- Manual (40 pages) ,
- Reference manual (300 pages)
Table of Contents
Advertisement
Chapter 3. SSL Infrastructure
that has the
rhns-certs-tools
be stored anywhere for safe keeping and then installed wherever the need arises.
Again, if your infrastructure's top-level RHN Server is the most current RHN Satellite Server, the
most you may have to do is restore your
and utilize the configuration tools provided within the RHN Satellite Server's website.
To make the best use of the RHN SSL Maintenance Tool, complete the following high-level
tasks in roughly this order. Refer to the remaining sections for the required details:
1. Install the
rhns-certs-tools
necessarily the RHN Satellite Server or RHN Proxy Server.
2. Create a single Certificate Authority SSL key pair for your organization and install the
resulting RPM or public certificate on all client systems.
3. Create a Web server SSL key set for each of the Proxies and Satellites to be deployed and
install the resulting RPMs on the RHN Servers, restarting the
/sbin/service httpd restart
4. Archive the SSL build tree - consisting of the primary build directory and all subdirectories
and files - to removable media, such as a floppy disk. (Disk space requirements are
insignificant.)
5. Verify and then store that archive in a safe location, such as the one described for backups in
the Additional Requirements sections of either the Proxy or Satellite installation guide.
6. Record and secure the CA password for future use.
7. Delete the build tree from the build system for security purposes, but only once the entire
RHN infrastructure is in place and configured.
8. When additional Web server SSL key sets are needed, restore the build tree on a system
running the RHN SSL Maintenance Tool and repeat steps 3 through 7.
2.2. RHN SSL Maintenance Tool Options
The RHN SSL Maintenance Tool offers a plethora of command line options for generating your
Certificate Authority SSL key pair and managing your server SSL certificates and keys. The tool
offers essentially three command line option help listings:
rhn-ssl-tool --gen-ca --help
(Web server). The manual page for rhn-ssl-tool is also quite detailed and available to
--help
assist:
man rhn-ssl-tool
The two tables below break down the options by their related task, either CA or Web server SSL
key set generation.
14
package installed. Portability exists in a build structure that can
ssl-build
package on a system within your organization, perhaps but not
(Certificate Authority), and
.
tree from an archive to the
service afterwards:
httpd
rhn-ssl-tool --help
rhn-ssl-tool --gen-server
directory
/root
(general),
Advertisement
Table of Contents
Need help?
Do you have a question about the NETWORK SATELLITE 5.1.0 - CLIENT and is the answer not in the manual?