SWITCHBOARD SECURITY



Similar documents
LAB :: Secure HTTP traffic using Secure Sockets Layer (SSL) Certificate

LAB :: Secure HTTP traffic using Secure Sockets Layer (SSL) Certificate

e-cert (Server) User Guide For Apache Web Server

Browser-based Support Console

Installation Procedure SSL Certificates in IIS 7

>copy openssl.cfg openssl.conf (use the example configuration to create a new configuration)

Creating a Free Trusted SSL Cert with StartSSL for use with Synctuary

e-cert (Server) User Guide For Microsoft IIS 7.0

User Manual. User Manual Version

CTERA Portal Datacenter Edition

SSL Insight Certificate Installation Guide

Unifying Information Security. Implementing TLS on the CLEARSWIFT SECURE Gateway

LoadMaster SSL Certificate Quickstart Guide

Scenarios for Setting Up SSL Certificates for View

Wavecrest Certificate

Server Certificate: Apache + mod_ssl + OpenSSL

Generating and Installing SSL Certificates on the Cisco ISA500

Install an SSL Certificate onto SilverStream. Sender Recipient Attached FIles Pages Date. Development Internal/External None 5 6/16/08

Customer Tips. Xerox Network Scanning HTTP/HTTPS Configuration using Microsoft IIS. for the user. Purpose. Background

FUJITSU Cloud IaaS Trusted Public S5 Configuring a Server Load Balancer

Generating and Renewing an APNs Certificate. Technical Paper May 2012

SSL Intercept Mode. Certificate Installation Guide. Revision Warning and Disclaimer

Proto Balance SSL TLS Off-Loading, Load Balancing. User Manual - SSL.

Using Client Side SSL Certificate Authentication on the WebMux

App Orchestration 2.0

Security Workshop. Apache + SSL exercises in Ubuntu. 1 Install apache2 and enable SSL 2. 2 Generate a Local Certificate 2

INSTALLING YOUR SSL CERTIFICATE ON THE FILEHOLD SERVER ON WINDOWS 2008 X64 ON IIS 7

Using Microsoft Expression Web to Upload Your Site

Generating SSH Keys and SSL Certificates for ROS and ROX Using Windows AN22

App Orchestration 2.5

Using Internet or Windows Explorer to Upload Your Site

ECA IIS Instructions. January 2005

Setting Up SSL on IIS6 for MEGA Advisor

To enable https for appliance

unigui Developer's Manual 2014 FMSoft Co. Ltd.

SSL Interception on Proxy SG

HTTPS Configuration for SAP Connector

Account Create for Outlook Express

Exercises: FreeBSD: Apache and SSL: SANOG VI IP Services Workshop

Getting Started. Install the Omni Mobile Client

SSL Certificate Generation

Junos Pulse VPN Client Installation

Laboratory Exercises VI: SSL/TLS - Configuring Apache Server

SolarWinds Technical Reference

Application Note AN1502

Trusting the ECA Certificate Authority in Microsoft Internet Explorer

App Orchestration 2.5

Entrust Managed Services PKI. Configuring secure LDAP with Domain Controller digital certificates

Installing and Configuring vcloud Connector

Kaseya 2. User Guide. Version 6.1

Installing an SSL Certificate Provided by a Certificate Authority (CA) on the BlueSecure Controller (BSC)

Generating a Certificate Signing Request (CSR) from LoadMaster

Microsoft IIS 7 Guide to Installing Root Certificates, Generating CSR and Installing certificate

Clearswift Information Governance

SSL Certificates in IPBrick

Outlook Web Access Guide to Installing Root Certificates, Generating CSR and Installing SSL Certificate

Microsoft Exchange 2010 and 2007

How to Obtain an APNs Certificate for CA MDM

Installing an SSL Certificate Provided by a Certificate Authority (CA) on the vwlan Appliance

Sophos Mobile Control Installation guide. Product version: 3.5

Linux Deployment Guide. How to deploy Network Shutdown Module for Linux

SSL Management Reference

Outlook Profile Setup Guide Exchange 2010 Quick Start and Detailed Instructions

Novell ichain Guide to Installing Root Certificates, Generating CSR and Installing SSL Certificate

The IceWarp SSL Certificate Process

IceWarp SSL Certificate Process

BEA Weblogic Guide to Installing Root Certificates, Generating CSR and Installing SSL Certificate

NeoMail Guide. Neotel (Pty) Ltd

Enterprise SSL Support

Massey University Wireless Network Client Configuration Mac OS X

ViMP 3.0. SSL Configuration in Apache 2.2. Author: ViMP GmbH

Secure IIS Web Server with SSL

Sophos Mobile Control Installation guide. Product version: 3.6

Magrathea Root Certificate Authority (Root CA) installation

Obtaining SSL Certificates for VMware View Servers

How to: Install an SSL certificate

isupplier PORTAL ACCESS SYSTEM REQUIREMENTS

Iowa Immunization Registry Information System (IRIS) Web Services Data Exchange Setup. Version 1.1 Last Updated: April 14, 2014

MassTransit 6.0 Enterprise Web Configuration for Macintosh OS 10.5 Server

EventTracker Windows syslog User Guide

KMIP installation Guide. DataSecure and KeySecure Version SafeNet, Inc

Configuring a Windows 2003 Server for IAS

1. If there is a temporary SSL certificate in your /ServerRoot/ssl/certs/ directory, move or delete it. 2. Run the following command:

Using the FDO Remote Access Portal

ACCEPT THE SECURITY CERTIFICATE FOR THE WEB FILTER

CA Nimsoft Unified Management Portal

Domino and Internet. Security. IBM Collaboration Solutions. Ask the Experts 12/16/2014

User Guide Generate Certificate Signing Request (CSR) & Installation of SSL Certificate

How To Enable A Websphere To Communicate With Ssl On An Ipad From Aaya One X Portal On A Pc Or Macbook Or Ipad (For Acedo) On A Network With A Password Protected (

Marriott Enrollment Server for Web User Guide V1.4

Apple Mail Outlook Web Access (OWA) Logging In Changing Passwords Mobile Devices Blackberry...

Guide for Generating. Apple Push Notification Service Certificate

Customizing SSL in CA WCC r11.3 This document contains guidelines for customizing SSL access to CA Workload Control Center (CA WCC) r11.3.

S/MIME on Good for Enterprise MS Online Certificate Status Protocol. Installation and Configuration Notes. Updated: October 08, 2014

Obtaining SSL Certificates for VMware Horizon View Servers

Using Remote Web Workplace Version 1.01

SETUP SSL IN SHAREPOINT 2013 (USING SELF-SIGNED CERTIFICATE)

Parallels Panel. Parallels Small Business Panel 10.2: User's Guide. Revision 1.0

Transcription:

SSLCer t i fic at e Cr eat i on

SWITCHBOARD SECURITY The Switchvox Switchboard uses https which is more secure than http. https requires a security certificate to be installed or for each user to allow a security exception. Teledynamic recommends using an SSL certificate, but ultimately, it is your decision on whether you allow end users to make the exceptions or provide a SSL certificate. We outline three options here. Option 1: (not recommended): Have users override the warning message. Below is an example from IE8. Depending on the browser you will be asked if you wish to proceed, please select to do so. Some browsers can be set to remember this choice, but others will require your permission each time.

Option 2: Self-Signed Certificates (process shown is for IE8 the process for different browsers would vary): 1. Browse to the site whose certificate you want to trust. 2. When told "There is a problem with this website's security certificate.", choose "Continue to this website (not recommended)." 3. Select Tools->Internet Options. 4. Select Security->Trusted sites->sites. 5. Confirm the URL matches, and click "Add" then "Close". 6. Close the "Internet Options" dialog box with either "OK" or "Cancel". 7. Refresh the current page. 8. When told "There is a problem with this website's security certificate.", choose "Continue to this website (not recommended)." 9. Click on "Certificate Error" at the right of the address bar and select "View certificates". 10. Click on "Install Certificate...", then in the wizard, click "Next". 11. On the next page select "Place all certificates in the following store". 12. Click "Browse", select "Trusted Root Certification Authorities", and click "OK". 13. Back in the wizard, click "Next", the "Finish". 14. If you get a "Security Warning" message box, click "Yes". 15. Dismiss the message box with "OK". 16. Select Tools->Internet Options. 17. Select Security->Trusted sites->sites. 18. Select the URL you just added, click "Remove", then "Close". 19. Now shut down all running instances of IE, and start up IE again. 20. The site's certificate should now be trusted.

Option 3: SSL Certificate (recommended): Here s the process for using a customer SSL Certificate: 1. Create a Certificate Service Request 2. Obtain an SSL Certificate 3. Install the Certificate Step #1. Create a Certificate Signing Request (CSR) Use a utility to create a CSR, and a Key file. The CSR file will end in.csr and the Key will end in.key On a machine such as a Mac with OS X, at the commandline you will use openssl: 1. openssl genrsa -out.key 2048 2. openssl req -new -key.key -out.csr Answer the questions that openssl presents. To leave a field blank, use a period (.) For Wildcard SSL, you need to prepend the domain name with asterisk dot (*.). For example: *.domain.com. Country Name (2 letter code) [AU]: US State or Province Name (full name) [Some-State]: Arizona Locality Name (eg, city) []: Phoenix Organization Name (eg, company) [Internet Widgits Pty Ltd]: MyCompany Ltd Organizational Unit Name (eg, section) []: IT Common Name (eg, YOUR name) []: mysubdomain.mydomain.com or *.mydomain.com Email Address []: email@mydomain.com Please enter the following 'extra' attributes to be sent with your certificate request (no password necessary) A challenge password []: IamN0tT3llinYou An optional company name []: The steps above will create a CSR file (.csr) and a Key file (.key). As an alternative to openssl on the command line, you can try this URL: http://www.instantssl.com/ssl-certificate-support/csr_generation/ssl-cer...

Step #2. Obtain a Certificate 1. Take the CSR to a Certificate Authority (CA) such as Godaddy. 2. Purchase a SSL Certificate (CRT). 3. Request or generate the CRT; you will need your CSR. Godaddy requires that you request the CRT and will prompt you for your CSR. Godaddy has a certificate manager page when you log in to your account on their website. 4. Download the CRT. You may receive some additional files, but the CRT is the one that you really need. 5. The files may be zipped. If so, expand the files. Now you should have two files (note that your crt and key file names will be different that the examples below and they might not reflect your domain name): yourdomain.crt (your CA creates this using your CSR) yourdomain.key (you created this at the same time you created your CSR) The contents of the files should look something like this: -----BEGIN RSA PRIVATE KEY----- MIIEo... followed by a large block of text... -----END RSA PRIVATE KEY-----

Step #3. Install the Certificate in Switchvox To install your certificate in Switchvox: 1. Open these files in a plain text editor and copy the WHOLE*** contents of each file. 2. Go to Server > Networking > HTTPS & Proxy in the Switchvox web suite. 3. Open yourdomain.crt in a plain text editor and paste the entire contents info X.509 Certificate in PEM Format 4. Open yourdomain.key in a plain text editor and paste the entire contents to RSA Private Key in PEM Format 5. Leave Intermediate CA Certificate empty. This is created automatically. 6. Click Save HTTPS & Proxy. Now you should be able to use the Switchvox web suite without having to accept a private certificate.