Creating an authorized SSL certificate



Similar documents
Exchange Reporter Plus SSL Configuration Guide

SSL Certificate Generation

Customizing SSL in CA WCC r11.3 This document contains guidelines for customizing SSL access to CA Workload Control Center (CA WCC) r11.3.

Configuring HTTPS support. Overview. Certificates

Installing Digital Certificates for Server Authentication SSL on. BEA WebLogic 8.1

SSL Configuration on Weblogic Oracle FLEXCUBE Universal Banking Release [August] [2014]

Entrust Certificate Services. Java Code Signing. User Guide. Date of Issue: December Document issue: 2.0

IUCLID 5 Guidance and Support

CA Nimsoft Unified Management Portal

Director and Certificate Authority Issuance

This document uses the following conventions for items that may need to be modified:

Version 9. Generating SSL Certificates for Progeny Web

PowerChute TM Network Shutdown Security Features & Deployment

Cisco Prime Central Managing Certificates

Configuring SSL in OBIEE 11g

DISTRIBUTED CONTENT SSL CONFIGURATION AND TROUBLESHOOTING GUIDE

CHAPTER 7 SSL CONFIGURATION AND TESTING

Configuring Secure Socket Layer (SSL) for use with BPM 7.5.x

User Guide Generate Certificate Signing Request (CSR) & Installation of SSL Certificate

KMIP installation Guide. DataSecure and KeySecure Version SafeNet, Inc

Junio SSL WebLogic Oracle. Guía de Instalación. Junio, SSL WebLogic Oracle Guía de Instalación CONFIDENCIAL Página 1 de 19

1. If there is a temporary SSL certificate in your /ServerRoot/ssl/certs/ directory, move or delete it. 2. Run the following command:

C-Series How to configure SSL

RHEV 2.2: REST API INSTALLATION

To install and configure SSL support on Tomcat 6, you need to follow these simple steps. For more information, read the rest of this HOW-TO.

SafeNet KMIP and Amazon S3 Integration Guide

JAMF Software Server Installation Guide for Windows. Version 8.6

Table of Contents INTRODUCTION... 2 SYSTEM REQUIREMENTS... 3 SERVICEDESK PLUS - MSP EDITIONS... 5 INSTALL SERVICEDESK PLUS - MSP...

Table of Contents INTRODUCTION... 2 SYSTEM REQUIREMENTS... 3 SERVICEDESK PLUS EDITIONS... 4 INSTALL SERVICEDESK PLUS... 5

Using Internet or Windows Explorer to Upload Your Site

SafeNet KMIP and Google Cloud Storage Integration Guide

Wildcard Certificates

JAMF Software Server Installation Guide for Linux. Version 8.6

Chapter 1: How to Configure Certificate-Based Authentication

Cloud Director Installation and Configuration Guide

Universal Content Management Version 10gR3. Security Providers Component Administration Guide

Developers Integration Lab (DIL) Certificate Installation Instructions. Version 1.4

User Guide Self Service Password Reset April 2012

SSO Plugin. Case study: Integrating with Ping Federate. J System Solutions. Version 4.0

Enable SSL in Go2Group SOAP Server

Table of Contents INTRODUCTION... 2 SYSTEM REQUIREMENTS... 3 INSTALLATION... 4 INSTALLING SUPPORTCENTER PLUS In Windows In Linux...

Lepide Active Directory Self Service. Configuration Guide. Follow the simple steps given in this document to start working with

Configuring Secure Socket Layer and Client-Certificate Authentication on SAS 9.3 Enterprise BI Server Systems That Use Oracle WebLogic 10.

Protect your CollabNet TeamForge site

Obtaining SSL Certificates for VMware View Servers

How to Implement Transport Layer Security in PowerCenter Web Services

Enterprise Content Management System Monitor 5.1 Security Considerations Revision CENIT AG Brandner, Marc

ADSelfService Plus: Guide to Install SSL Certificate. 1 P a g e

Installing BIRT Analytics 4.4

Securing Adobe connect Server and CQ Server

Installation valid SSL certificate

Obtaining SSL Certificates for VMware Horizon View Servers

Copyright 2013 EMC Corporation. All Rights Reserved.

Configuring TLS Security for Cloudera Manager

Installing an SSL Certificate Provided by a Certificate Authority (CA) on the BlueSecure Controller (BSC)

Introduction to Mobile Access Gateway Installation

C O N F I G U R I N G O P E N L D A P F O R S S L / T L S C O M M U N I C A T I O N

IBM Security QRadar Vulnerability Manager Version User Guide

Application Note AN1502

Oracle Enterprise Manager Installation and Configuration Guide for IBM Tivoli Enterprise Console Connector Release

Creating and Managing Certificates for My webmethods Server. Version 8.2 and Later

Run Archive Server for MDaemon in HTTPS

Red Hat Linux Guide to Installing Root Certificates, Generating CSR and Installing SSL Certificate

SSL: HOW TO APPLY SIGNED CERTFICATE TO TGP

SolarWinds Technical Reference

Configuring an Oracle Business Intelligence Enterprise Edition Resource in Metadata Manager

CA Spectrum. Administrator Guide. Release 9.4

Scenarios for Setting Up SSL Certificates for View

SSL Configuration on WebSphere Oracle FLEXCUBE Universal Banking Release [September] [2013] Part No. E

Administration Guide for SAP HANA Smart Data Integration and SAP HANA Smart Data Quality

SSL Certificate and Key Management

How to Create Keystore and Truststore Files for Secure Communication in the Informatica Domain

Customer Tips. Xerox Network Scanning HTTP/HTTPS Configuration using Microsoft IIS. for the user. Purpose. Background

Oracle Identity Manager

Enterprise Content Management System Monitor. How to deploy the JMX monitor application in WebSphere ND clustered environments. Revision 1.

Verify Needed Root Certificates Exist in Java Trust Store for Datawire JavaAPI

QuickStart Guide for Managing Mobile Devices. Version 9.2

How to Implement Two-Way SSL Authentication in a Web Service

Upgrading Your Web Server from ClientBase Browser Version 2.0 or Above to Version 2.1.1

Accessing PostgreSQL through JDBC via a Java SSL tunnel

SSL Configuration Best Practices for SAS Visual Analytics 7.1 Web Applications and SAS LASR Authorization Service

Working with Portecle to update / create a Java Keystore.

RSA Authentication Manager 8.1 Virtual Appliance Getting Started

Configuring the JBoss Application Server for Secure Sockets Layer and Client-Certificate Authentication on SAS 9.3 Enterprise BI Server Web

BlackBerry Enterprise Service 10. Version: Configuration Guide

VMware vrealize Operations for Horizon Security

F-Secure Messaging Security Gateway. Deployment Guide

(n)code Solutions CA A DIVISION OF GUJARAT NARMADA VALLEY FERTILIZERS COMPANY LIMITED P ROCEDURE F OR D OWNLOADING

The IceWarp SSL Certificate Process

User Service and Directory Agent: Configuration Best Practices and Troubleshooting

SWITCHBOARD SECURITY

IceWarp SSL Certificate Process

Installing an SSL Certificate Provided by a Certificate Authority (CA) on the vwlan Appliance

Quick and Easy Solutions With Free Java Libraries Part II

Exchange 2010 PKI Configuration Guide

VMware vrealize Operations for Horizon Security

Transcription:

Creating an authorized SSL certificate for On-premises Enterprise MeetingSphere Server

The On-premises Enterprise MeetingSphere Server requires an authorized SSL certificate. This document provides a step-by-step guide for creating such a certificate with Java Keytool. For your MeetingSphere a simple non-wildcard SSL certificate will do. Any type of SSL certificate will expire after a specific period and need to be reissued. A. Create a private key-store Execute the following steps on a computer with Sun (Oracle) Java Development Kit 1.5 or higher. This could be your MeetingSphere Server which requires Sun (Oracle) JDK 1.8 in any case. 1. Call Keytool Execute the following command from the command-line prompt: keytool -genkey -alias tomcat -keyalg RSA -keysize 2048 -keystore domainname.kdb for domainname.kdb substitute your domain name. In the example this is example.com.kdb. If Java is installed correctly (Linux path variable: $JAVA_HOME/bin, Windows path variable %JAVA_HOME%\bin) you do not have to specify a path. If required, change directory to the java directory which contains the program keytool. Keytool: Creating a keystore file 2. Keystore password When prompted, specify the password for your keystore (Example: changeit ). Write this down! You require this password when deploying the keystore in the MeetingSphere Server console. 2015 MeetingSphere May 2015 page 2

3. (Sub) domain name When asked What is your first and last name? specify the (sub)domain name by which your MeetingSphere is registered in the DNS. For a simple non-wildcard certificate you have to specify the full domain name (here example.com ) If, however, the hostname registered in the DNS results in a URL like https://meetingsphere.example.com, specify meetingsphere.example.com (everything after https:// ). In this case, use meetingsphere.example.com also as the file name of your keystore! Be aware that every combination of characters to the left of the domain name and separated by a dot constitutes a sub domain: www.example.com is a sub domain of example.com and is not covered by a simple certificate for example.com. Any discrepancy between (sub) domain name in the keystore and the actual address of your MeetingSphere will cause security alerts in the users browsers! 4. Organizational unit / Organization Specify the name of your department and the complete legal name of your organization. In the example this is Meeting Management and Example Inc. You may specify your organization name also for Organizational unit. Note the characters allowed for this and the following information are restricted. Characters [! @ # $ % ^ ( ) ~? > < & / \,. " '] are illegal. 5. City, state and country In the example given above these are Hamburg (city), Hamburg (state) and DE for Germany. The country is specified with its 2-letter country code according to ISO 3166-1 alpha 2 which is also used by e.g. NATO. Examples: DE, GB, FR, ES, US, JP. 6. Verify your specification keytool will display your specification for confirmation. If correct, confirm with yes. 7. Password for <tomcat> keytool prompts you again for a password. Press enter to confirm the password given above. 8. Creation and backup of the keystore file On confirmation of the password for <tomcat>, the specified keystore file (in the example example.com.kdb ) will be created and stored in the directory from which keytool was called. Create a backup of the keystore file. 2015 MeetingSphere May 2015 page 3

B. Certificate signing request (CSR) 9. Call Keytool From the command prompt, call keytool : keytool -certreq -alias tomcat -keystore domainname.kdb -file domainname.csr substitute the file name you have specified in step 1 above (e.g. example.com.kdb ) for domainname.kdb. Use that name also for the signing-request file. In our example domainname.csr should read example.com.csr. When prompted, give the password of the keystore (here: changeit ). Keytool: Creating a signing request Create another backup of the keystore, as step 9 may lead to different results if repeated. 10. Getting the domain and the SSL root certificate With your web browser go to the homepage of your SSL provider (certificate authority). Follow instructions for creating an SSL certificate. Typically, you will be asked to upload the csr file (in our example example.com.csr from the directory from which you have called keytool. Alternatively, you may be asked to open the csr file in an editor and paste its content into an input box. At the end of this procedure you will receive (by download or email) a certificate for your domain and an SSL root certificate of the certificate authority. C. Finalize the keystore To finalize the keystore, you must copy the received certificates to the directory from which you have called keytool and where the keystore (in our example example.com.kdb ) and the signing request (in our example example.com.csr ) reside. Before importing the certificates, create a backup of these files, e.g. example.com.kdb.bak. The following description presupposes two certificates i.e. the root certificate and the domain certificate. Should your SSL provider supply more than two certificates, follow the directions given by your SSL provider. However, make sure that the alias given for your certificate in steps 1 and 9 is tomcat. 11. Import the root certificate into the keystore Call keytool again: keytool -import -trustcacerts -keystore domainname.kdb -alias root -file root.cer 2015 MeetingSphere May 2015 page 4

where - domainname.kdb is your kdb file (in our example example.com.kdb ) - root.cer is the certificate of your certificate authority Keytool: Import of the root certificate in the keystore When prompted, give the password as specified in step 1 (Example: changeit ). Possibly you will be informed that the root certificate is already included in the system-wide keystore. In any case, confirm with yes! You want to add the root certificate to your specific SSL keystore! Note: Simple confirmation with Enter would count as no! 12. Import the SSL domain certificate into the Keystore Call keytool again: keytool -import -trustcacerts -keystore domainname.kdb -alias tomcat -file domainname.cer Where - domainname.kdb is your keystore file (in our example example.com.kdb ) - domainname.cer is the domain certificate received from your SSL provider (example: example.com.cer ). When prompted, give your password (example: changeit ). Keytool: Import of the domain certificate into the keystore 2015 MeetingSphere May 2015 page 5

Your keystore domainname.kdb (in the example: example.com.kdb ) is now complete and ready for use. Create a backup and store of this file in a safe place! D. Install the keystore on the MeetingSphere Server 13. Upload the keystore in the server console Open the application server console > Server administration > SSL keystore control. - Specify uploaded keystore. - Upload the keystore and specify the password. MeetingSphere Inc 440 Monticello Ave, Suite 1875 Norfolk, VA 23510 United States of America www.meetingsphere.com T: 1 (703) 348 0725 Sales: sales@meetingsphere.com Support: http://meetingsphere.com/support 2015 MeetingSphere May 2015 page 6

2026 © DocPlayer.net Privacy Policy | Terms of Service | Feedback  | Do Not Sell My Personal Information