3.8.5 Importing a Web Server Certificate Using an External or Intranet Certificate Authority
3.8.5 Importing a Web Server Certificate Using an External or Intranet Certificate Authority
- Execute the sethttps command to generate a Web server secret key.
The following example specifies the -c genserverkey to generate a Web server secret key.
XSCF> sethttps -c genserverkey Server key already exists. Do you still wish to update? [y|n] :y Enter passphrase: xxxxxxxx Verifying - Enter passphrase: xxxxxxxx |
- Execute the sethttps command with the DN specified to generate a CSR.
The following example specifies the -c gencsr option along with the DN (JP, Kanagawa, Kawasaki, Example, development, scf-host, abc@example.com) to generate a CSR.
XSCF> sethttps -c gencsr JP Kanagawa Kawasaki Example development scfhost abc@example.com |
- Execute the showhttps command to display the CSR. Copy and save the displayed CSR (BEGIN to END) to a text file.
XSCF> showhttps HTTPS status: disabled Server key: installed in Jul 11 06:33:25 UTC 2006 CA key: installed in Jul 11 06:33:21 UTC 2006 CA cert: installed in Jul 11 06:33:21 UTC 2006 CSR: -----BEGIN CERTIFICATE REQUEST----- MIIByzCCATQCAQAwgYoxCzAJBgNVBAYTAkpQMREwDwYDVQQIEwhLYW5hZ2F3YTER MA8GA1UEBxMIS2F3YXNha2kxEDAOBgNVBAoTB0ZVSklUU1UxDDAKBgNVBAsTA0VQ : uni/n3g2/F5Ftnjg+M4HtfzT6VwEhG01FGP4IImqKg== -----END CERTIFICATE REQUEST----- |
- Send the copied CSR to the certificate authority to ask it to publish a Web server certificate.
- To perform the import, execute the sethttps command with the -c importca option specified, copy the Web server certificate signed in step 4, and paste it in the window.
Press the [Enter] key to import it, and press the [Ctrl] and [D] keys to complete this step.
XSCF> sethttps -c importca Please import a certificate: -----BEGIN CERTIFICATE----- MIIDdTCCAt6gAwIBAgIBATANBgkqhkiG9w0BAQQFADCBgTELMAkGA1UEBhMCamox : R+OpXAVQvb2tjIn3kO99dq+begECo4mwknW1t7QI7A1BkcW2/MkOolIRa6iP1Zwg JoPmwAbrGyAvGUtdzUoyIH0jl7dRQrVIRA== -----END CERTIFICATE----- <Press the [Ctrl] and [D] keys> |
- Execute the sethttps command to enable HTTPS.
XSCF> sethttps -c enable Continue? [y|n] : y |
- From the client, access XSCF Web with HTTPS specified. Confirm that no security warning dialog box appears on the screen and the certificate is correct.
< Previous Page | Next Page >