Table of Contents
Advertisement
Provisioning Tutorial
Secure Resync
STEP 1
STEP 2
STEP 3
STEP 4
STEP 5
STEP 6
STEP 7
STEP 8
Cisco Small Business IP Telephony Devices Provisioning Guide
Exercise
Install an HTTPS server on a host whose IP address is known to the network DNS
server, through normal hostname translation.
The open source Apache server can be configured to operate as an HTTPS
server, when installed with the open source mod_ssl package.
Generate a server Certificate Signing Request for the server.
For this step, you might need to install the open source OpenSSL package or
equivalent software. If using OpenSSL, the command to generate the basic CSR
file is as follows:
openssl req –new –out provserver.csr
This command generates a public/private key pair, which is saved in the
privkey.pem file.
Submit the CSR file (provserver.csr) to Cisco for signing.
A signed server certificate is returned (provserver.cert) along with a Sipura CA
Client Root Certificate, spacroot.cert.
Store the signed server certificate, the private key pair file, and the client root
certificate in the appropriate locations on the server.
In the case of an Apache installation on Linux, these locations are typically as
follows:
# Server Certificate:
SSLCertificateFile /etc/httpd/conf/provserver.cert
# Server Private Key:
SSLCertificateKeyFile /etc/httpd/conf/pivkey.pem
# Certificate Authority:
SSLCACertificateFile /etc/httpd/conf/spacroot.cert
Restart the server.
Copy the basic.txt configuration profile from the earlier exercises onto the virtual
root directory of the HTTPS server.
Verify proper server operation by downloading basic.txt from the HTTPS server,
using a standard browser from the local PC.
3
71
Advertisement
Table of Contents
