Stunnel: SSL Certificate: Difference between revisions
m
Reverted edits by Upazixorys (Talk); changed back to last version by Ric
Upazixorys (talk | contribs) No edit summary |
m (Reverted edits by Upazixorys (Talk); changed back to last version by Ric) |
||
Line 1: | Line 1: | ||
<span id="top"></span> | |||
< | <div style="padding:0;margin:0; border-bottom:3px inset #000000"> | ||
</ | |||
{| | {| | ||
| [[Image:uc_small_logo.gif | MPG UniCenter]] || | | [[Image:uc_small_logo.gif | MPG UniCenter]] || | ||
Line 30: | Line 14: | ||
[[Stunnel: Original | Original]] | [[Stunnel: Original | Original]] | ||
|} | |} | ||
</div> | |||
{| cellpadding= | {| cellpadding="2" | ||
| | | | ||
__TOC__ | __TOC__ | ||
|| | || | ||
'''Stunnel SSL Certificate and Key generation''' | '''Stunnel SSL Certificate and Key generation'''<br>'''Final Stunnel Test'''<br>'''Uniform Server 3.5-Apollo''' | ||
|} | |} | ||
Before going live with your secure server it is '''imperative''' you generate a '''new certificate''' and '''public key''' for Stunnel. The process is extremely easy, first shut down both servers and follow the instructions below. | Before going live with your secure server it is '''imperative''' you generate a '''new certificate''' and '''public key''' for Stunnel. The process is extremely easy, first shut down both servers and follow the instructions below. | ||
Line 42: | Line 26: | ||
The batch files '''mpg_create.bat''' allows you to create the private key and public key (certificate) in one go. | The batch files '''mpg_create.bat''' allows you to create the private key and public key (certificate) in one go. | ||
The file is located in folder: ''' | The file is located in folder: '''<nowiki>*</nowiki>\Uniform Server\udrive\home\admin\www\plugins\stunnel_424\bin''' | ||
# If running shut down your servers. | # If running shut down your servers. | ||
# To start the process double click on the batch file '''mpg_create.bat'''. | # To start the process double click on the batch file '''mpg_create.bat'''. | ||
# First the private key is automatically created and requires no input from you. | # First the private key is automatically created and requires no input from you. | ||
# The next phase is a Certificate Signing Request (CSR). | # The next phase is a Certificate Signing Request (CSR).<br>During this generation process you will be prompted for several pieces of information. These are the X.509 attributes of the certificate. | ||
# I have highlighted in bold the type of information you enter. | # I have highlighted in bold the type of information you enter. | ||
{|cellpadding= | {|cellpadding="4" | ||
|width= | |width="20"| | ||
|style= | |style="background:#f8f8f8;border:1px solid #cccccc"| | ||
Country Name (2 letter code) [PL]:'''UK''' | Country Name (2 letter code) [PL]:'''UK'''<br> | ||
State or Province Name (full name) [Some-State]:'''Cambridgeshire''' | State or Province Name (full name) [Some-State]:'''Cambridgeshire'''<br> | ||
Locality Name (eg, city) []:Cambridge | Locality Name (eg, city) []:Cambridge<br> | ||
Organization Name (eg, company) [Stunnel Developers Ltd]:'''Mike Gleaves UniCenter''' | Organization Name (eg, company) [Stunnel Developers Ltd]:'''Mike Gleaves UniCenter'''<br> | ||
Organizational Unit Name (eg, section) []:'''Uniform Server 3.5-Apollo example''' | Organizational Unit Name (eg, section) []:'''Uniform Server 3.5-Apollo example'''<br> | ||
Common Name (FQDN of your server) [127.0.0.1]:'''fred.gotdns.com''' | Common Name (FQDN of your server) [127.0.0.1]:'''fred.gotdns.com'''<br> | ||
Press any key to continue | Press any key to continue | ||
|} | |} | ||
Line 91: | Line 75: | ||
'''''[[#top | Top]]''''' | '''''[[#top | Top]]''''' | ||
== Help == | == Help == | ||
I have purposely avoided showing how to set the ports on your firewall or router. The reason being each firewall and router use different methods; however do not be discouraged there is a complete site dedicated to this [http://portforward.com/ | I have purposely avoided showing how to set the ports on your firewall or router. The reason being each firewall and router use different methods; however do not be discouraged there is a complete site dedicated to this [http://portforward.com/" portforward.com]. | ||
I your firewall or router is not listed on this site then it does not exist, yes it’s that comprehensive. Start from this [http://portforward.com/guides.htm guides page]. | I your firewall or router is not listed on this site then it does not exist, yes it’s that comprehensive. Start from this [http://portforward.com/guides.htm guides page]. |