https://wiki.uniformserver.com/index.php?title=UniServer_CA:_Introduction&feed=atom&action=historyUniServer CA: Introduction - Revision history2024-03-29T12:10:27ZRevision history for this page on the wikiMediaWiki 1.41.0https://wiki.uniformserver.com/index.php?title=UniServer_CA:_Introduction&diff=3735&oldid=prevRic at 14:04, 24 April 20092009-04-24T14:04:08Z<p></p>
<table style="background-color: #fff; color: #202122;" data-mw="interface">
<col class="diff-marker" />
<col class="diff-content" />
<col class="diff-marker" />
<col class="diff-content" />
<tr class="diff-title" lang="en">
<td colspan="2" style="background-color: #fff; color: #202122; text-align: center;">← Older revision</td>
<td colspan="2" style="background-color: #fff; color: #202122; text-align: center;">Revision as of 14:04, 24 April 2009</td>
</tr><tr><td colspan="2" class="diff-lineno" id="mw-diff-left-l8">Line 8:</td>
<td colspan="2" class="diff-lineno">Line 8:</td></tr>
<tr><td class="diff-marker"></td><td style="background-color: #f8f9fa; color: #202122; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #eaecf0; vertical-align: top; white-space: pre-wrap;"><div>Most write-ups are Unix/Linux oriented they have been using secure servers since year dot. This write-up addresses the balance a little. UniServer portable CA is specifically designed for Windows.</div></td><td class="diff-marker"></td><td style="background-color: #f8f9fa; color: #202122; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #eaecf0; vertical-align: top; white-space: pre-wrap;"><div>Most write-ups are Unix/Linux oriented they have been using secure servers since year dot. This write-up addresses the balance a little. UniServer portable CA is specifically designed for Windows.</div></td></tr>
<tr><td class="diff-marker"></td><td style="background-color: #f8f9fa; color: #202122; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #eaecf0; vertical-align: top; white-space: pre-wrap;"><br></td><td class="diff-marker"></td><td style="background-color: #f8f9fa; color: #202122; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #eaecf0; vertical-align: top; white-space: pre-wrap;"><br></td></tr>
<tr><td class="diff-marker" data-marker="−"></td><td style="color: #202122; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #ffe49c; vertical-align: top; white-space: pre-wrap;"><div>Open SSL provides all the tools required for creating a CA, they <del style="font-weight: bold; text-decoration: none;">ate </del>command line tool and inherently portable (Unix parentage) these factors make it ideal for batch file control allowing certificate and key generation to be semi-automated. </div></td><td class="diff-marker" data-marker="+"></td><td style="color: #202122; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #a3d3ff; vertical-align: top; white-space: pre-wrap;"><div>Open SSL provides all the tools required for creating a CA, they <ins style="font-weight: bold; text-decoration: none;">are </ins>command line tool and inherently portable (Unix parentage) these factors make it ideal for batch file control allowing certificate and key generation to be semi-automated. </div></td></tr>
<tr><td class="diff-marker"></td><td style="background-color: #f8f9fa; color: #202122; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #eaecf0; vertical-align: top; white-space: pre-wrap;"><br></td><td class="diff-marker"></td><td style="background-color: #f8f9fa; color: #202122; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #eaecf0; vertical-align: top; white-space: pre-wrap;"><br></td></tr>
<tr><td class="diff-marker"></td><td style="background-color: #f8f9fa; color: #202122; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #eaecf0; vertical-align: top; white-space: pre-wrap;"><div>This step-by-step guide covers UniServer portable CA installation, how to use provided batch files for creating CA, server and personal (client) certificates. This is followed by a detailed description of command lines used and how they are integrated into these files to produce the portable CA. Concludes with some examples for using personal certificates with Apache.</div></td><td class="diff-marker"></td><td style="background-color: #f8f9fa; color: #202122; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #eaecf0; vertical-align: top; white-space: pre-wrap;"><div>This step-by-step guide covers UniServer portable CA installation, how to use provided batch files for creating CA, server and personal (client) certificates. This is followed by a detailed description of command lines used and how they are integrated into these files to produce the portable CA. Concludes with some examples for using personal certificates with Apache.</div></td></tr>
</table>Richttps://wiki.uniformserver.com/index.php?title=UniServer_CA:_Introduction&diff=3713&oldid=prevRic at 14:32, 23 April 20092009-04-23T14:32:40Z<p></p>
<table style="background-color: #fff; color: #202122;" data-mw="interface">
<col class="diff-marker" />
<col class="diff-content" />
<col class="diff-marker" />
<col class="diff-content" />
<tr class="diff-title" lang="en">
<td colspan="2" style="background-color: #fff; color: #202122; text-align: center;">← Older revision</td>
<td colspan="2" style="background-color: #fff; color: #202122; text-align: center;">Revision as of 14:32, 23 April 2009</td>
</tr><tr><td colspan="2" class="diff-lineno" id="mw-diff-left-l2">Line 2:</td>
<td colspan="2" class="diff-lineno">Line 2:</td></tr>
<tr><td class="diff-marker"></td><td style="background-color: #f8f9fa; color: #202122; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #eaecf0; vertical-align: top; white-space: pre-wrap;"><div>'''Portable CA (Certificate Authority)'''</div></td><td class="diff-marker"></td><td style="background-color: #f8f9fa; color: #202122; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #eaecf0; vertical-align: top; white-space: pre-wrap;"><div>'''Portable CA (Certificate Authority)'''</div></td></tr>
<tr><td class="diff-marker"></td><td style="background-color: #f8f9fa; color: #202122; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #eaecf0; vertical-align: top; white-space: pre-wrap;"><br></td><td class="diff-marker"></td><td style="background-color: #f8f9fa; color: #202122; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #eaecf0; vertical-align: top; white-space: pre-wrap;"><br></td></tr>
<tr><td class="diff-marker" data-marker="−"></td><td style="color: #202122; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #ffe49c; vertical-align: top; white-space: pre-wrap;"><div>This <del style="font-weight: bold; text-decoration: none;">proposed </del>plugin is slightly unusual it starts off as a Uniform Server plugin where you can install a CA and server certificate including a server key to the Apache server. After completion the entire plugin is transferred to a USB memory stick enhancing security by removing the CA’s key from your PC.</div></td><td class="diff-marker" data-marker="+"></td><td style="color: #202122; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #a3d3ff; vertical-align: top; white-space: pre-wrap;"><div>This plugin is slightly unusual it starts off as a Uniform Server plugin where you can install a CA and server certificate including a server key to the Apache server. After completion the entire plugin is transferred to a USB memory stick enhancing security by removing the CA’s key from your PC.</div></td></tr>
<tr><td class="diff-marker"></td><td style="background-color: #f8f9fa; color: #202122; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #eaecf0; vertical-align: top; white-space: pre-wrap;"><br></td><td class="diff-marker"></td><td style="background-color: #f8f9fa; color: #202122; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #eaecf0; vertical-align: top; white-space: pre-wrap;"><br></td></tr>
<tr><td class="diff-marker" data-marker="−"></td><td style="color: #202122; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #ffe49c; vertical-align: top; white-space: pre-wrap;"><div><del style="font-weight: bold; text-decoration: none;">The CA is portable once </del>transferred to a USB memory stick you can generate personal (client) certificates as and when required. I must stress this is for use on a personal web server or intranet. Never use this for e-commerce, always use a commercial payment system and let the experts take the strain.</div></td><td class="diff-marker" data-marker="+"></td><td style="color: #202122; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #a3d3ff; vertical-align: top; white-space: pre-wrap;"><div><ins style="font-weight: bold; text-decoration: none;">Once </ins>transferred to a USB memory stick <ins style="font-weight: bold; text-decoration: none;">the CA is portable, </ins>you can generate personal (client) certificates as and when required. I must stress this is for use on a personal web server or intranet. Never use this for e-commerce, always use a commercial payment system and let the experts take the strain.</div></td></tr>
<tr><td class="diff-marker"></td><td style="background-color: #f8f9fa; color: #202122; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #eaecf0; vertical-align: top; white-space: pre-wrap;"><br></td><td class="diff-marker"></td><td style="background-color: #f8f9fa; color: #202122; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #eaecf0; vertical-align: top; white-space: pre-wrap;"><br></td></tr>
<tr><td class="diff-marker" data-marker="−"></td><td style="color: #202122; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #ffe49c; vertical-align: top; white-space: pre-wrap;"><div>Most write-ups are Unix/Linux oriented <del style="font-weight: bold; text-decoration: none;">because </del>they have been using secure servers since year dot. This write-up addresses the balance a little. UniServer portable CA is specifically designed for Windows.</div></td><td class="diff-marker" data-marker="+"></td><td style="color: #202122; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #a3d3ff; vertical-align: top; white-space: pre-wrap;"><div>Most write-ups are Unix/Linux oriented they have been using secure servers since year dot. This write-up addresses the balance a little. UniServer portable CA is specifically designed for Windows.</div></td></tr>
<tr><td class="diff-marker"></td><td style="background-color: #f8f9fa; color: #202122; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #eaecf0; vertical-align: top; white-space: pre-wrap;"><br></td><td class="diff-marker"></td><td style="background-color: #f8f9fa; color: #202122; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #eaecf0; vertical-align: top; white-space: pre-wrap;"><br></td></tr>
<tr><td class="diff-marker"></td><td style="background-color: #f8f9fa; color: #202122; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #eaecf0; vertical-align: top; white-space: pre-wrap;"><div>Open SSL provides all the tools required for creating a CA, they ate command line tool and inherently portable (Unix parentage) these factors make it ideal for batch file control allowing certificate and key generation to be semi-automated. </div></td><td class="diff-marker"></td><td style="background-color: #f8f9fa; color: #202122; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #eaecf0; vertical-align: top; white-space: pre-wrap;"><div>Open SSL provides all the tools required for creating a CA, they ate command line tool and inherently portable (Unix parentage) these factors make it ideal for batch file control allowing certificate and key generation to be semi-automated. </div></td></tr>
<tr><td colspan="2" class="diff-lineno" id="mw-diff-left-l13">Line 13:</td>
<td colspan="2" class="diff-lineno">Line 13:</td></tr>
<tr><td class="diff-marker"></td><td style="background-color: #f8f9fa; color: #202122; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #eaecf0; vertical-align: top; white-space: pre-wrap;"><br></td><td class="diff-marker"></td><td style="background-color: #f8f9fa; color: #202122; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #eaecf0; vertical-align: top; white-space: pre-wrap;"><br></td></tr>
<tr><td class="diff-marker"></td><td style="background-color: #f8f9fa; color: #202122; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #eaecf0; vertical-align: top; white-space: pre-wrap;"><div>'''''[[#top | Top]]'''''</div></td><td class="diff-marker"></td><td style="background-color: #f8f9fa; color: #202122; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #eaecf0; vertical-align: top; white-space: pre-wrap;"><div>'''''[[#top | Top]]'''''</div></td></tr>
<tr><td class="diff-marker" data-marker="−"></td><td style="color: #202122; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #ffe49c; vertical-align: top; white-space: pre-wrap;"><div>== Install ==</div></td><td class="diff-marker" data-marker="+"></td><td style="color: #202122; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #a3d3ff; vertical-align: top; white-space: pre-wrap;"><div>== <ins style="font-weight: bold; text-decoration: none;">Download and </ins>Install ==</div></td></tr>
<tr><td class="diff-marker" data-marker="−"></td><td style="color: #202122; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #ffe49c; vertical-align: top; white-space: pre-wrap;"><div>Download [<del style="font-weight: bold; text-decoration: none;">[UniServer CA</del>: <del style="font-weight: bold; text-decoration: none;">Download </del>& <del style="font-weight: bold; text-decoration: none;">Support | UniServer_CA.exe</del>]<del style="font-weight: bold; text-decoration: none;">] save </del>to folder UniServer\udrive\<del style="font-weight: bold; text-decoration: none;">'''</del>plugins''' double click file to <del style="font-weight: bold; text-decoration: none;">extract</del>.</div></td><td class="diff-marker" data-marker="+"></td><td style="color: #202122; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #a3d3ff; vertical-align: top; white-space: pre-wrap;"><div><ins style="font-weight: bold; text-decoration: none;">'''''Options 1'':'''</ins></div></td></tr>
<tr><td colspan="2" class="diff-side-deleted"></td><td class="diff-marker" data-marker="+"></td><td style="color: #202122; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #a3d3ff; vertical-align: top; white-space: pre-wrap;"><div><ins style="font-weight: bold; text-decoration: none;"># Unpack a new copy of Uniform Server 4.1-Mona.</ins></div></td></tr>
<tr><td colspan="2" class="diff-side-deleted"></td><td class="diff-marker" data-marker="+"></td><td style="color: #202122; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #a3d3ff; vertical-align: top; white-space: pre-wrap;"><div><ins style="font-weight: bold; text-decoration: none;"># </ins>Download <ins style="font-weight: bold; text-decoration: none;">file '''UniServer_CA_1.0.exe''' from </ins>[<ins style="font-weight: bold; text-decoration: none;">http</ins>:<ins style="font-weight: bold; text-decoration: none;">//sourceforge.net/project/showfiles.php?group_id=53691&package_id=49448</ins>&<ins style="font-weight: bold; text-decoration: none;">release_id=677887 Sourceforge</ins>]</div></td></tr>
<tr><td colspan="2" class="diff-side-deleted"></td><td class="diff-marker" data-marker="+"></td><td style="color: #202122; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #a3d3ff; vertical-align: top; white-space: pre-wrap;"><div><ins style="font-weight: bold; text-decoration: none;"># Save it </ins>to folder <ins style="font-weight: bold; text-decoration: none;">'''</ins>UniServer\udrive\plugins'''<ins style="font-weight: bold; text-decoration: none;">.</ins></div></td></tr>
<tr><td colspan="2" class="diff-side-deleted"></td><td class="diff-marker" data-marker="+"></td><td style="color: #202122; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #a3d3ff; vertical-align: top; white-space: pre-wrap;"><div><ins style="font-weight: bold; text-decoration: none;"># To extract files, </ins>double click <ins style="font-weight: bold; text-decoration: none;">on </ins>file <ins style="font-weight: bold; text-decoration: none;">UniServer_CA_1.0.exe, no need to change the path.</ins></div></td></tr>
<tr><td colspan="2" class="diff-side-deleted"></td><td class="diff-marker" data-marker="+"></td><td style="color: #202122; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #a3d3ff; vertical-align: top; white-space: pre-wrap;"><div><ins style="font-weight: bold; text-decoration: none;"># If you wish </ins>to <ins style="font-weight: bold; text-decoration: none;">save space delete UniServer_CA_1.0</ins>.<ins style="font-weight: bold; text-decoration: none;">exe</ins></div></td></tr>
<tr><td class="diff-marker"></td><td style="background-color: #f8f9fa; color: #202122; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #eaecf0; vertical-align: top; white-space: pre-wrap;"><br></td><td class="diff-marker"></td><td style="background-color: #f8f9fa; color: #202122; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #eaecf0; vertical-align: top; white-space: pre-wrap;"><br></td></tr>
<tr><td class="diff-marker" data-marker="−"></td><td style="color: #202122; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #ffe49c; vertical-align: top; white-space: pre-wrap;"><div><del style="font-weight: bold; text-decoration: none;">This creates </del>a new folder <del style="font-weight: bold; text-decoration: none;">named </del>'''UniServer_CA''' <del style="font-weight: bold; text-decoration: none;">containing </del>the following files and folders:</div></td><td class="diff-marker" data-marker="+"></td><td style="color: #202122; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #a3d3ff; vertical-align: top; white-space: pre-wrap;"><div><ins style="font-weight: bold; text-decoration: none;">'''''Options 2'':'''</ins></div></td></tr>
<tr><td colspan="2" class="diff-side-deleted"></td><td class="diff-marker" data-marker="+"></td><td style="color: #202122; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #a3d3ff; vertical-align: top; white-space: pre-wrap;"><div><ins style="font-weight: bold; text-decoration: none;"># Unpack </ins>a new <ins style="font-weight: bold; text-decoration: none;">copy of Uniform Server 4.1-Mona.</ins></div></td></tr>
<tr><td colspan="2" class="diff-side-deleted"></td><td class="diff-marker" data-marker="+"></td><td style="color: #202122; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #a3d3ff; vertical-align: top; white-space: pre-wrap;"><div><ins style="font-weight: bold; text-decoration: none;"># Download file '''UniServer_CA_1.0.zip''' from [http://sourceforge.net/project/showfiles.php?group_id=53691&package_id=49448&release_id=677887 Sourceforge]</ins></div></td></tr>
<tr><td colspan="2" class="diff-side-deleted"></td><td class="diff-marker" data-marker="+"></td><td style="color: #202122; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #a3d3ff; vertical-align: top; white-space: pre-wrap;"><div><ins style="font-weight: bold; text-decoration: none;"># Save to any folder (e.g. '''''temp1''''')</ins></div></td></tr>
<tr><td colspan="2" class="diff-side-deleted"></td><td class="diff-marker" data-marker="+"></td><td style="color: #202122; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #a3d3ff; vertical-align: top; white-space: pre-wrap;"><div><ins style="font-weight: bold; text-decoration: none;"># Extract files, navigate to folder UniServer_CA</ins></div></td></tr>
<tr><td colspan="2" class="diff-side-deleted"></td><td class="diff-marker" data-marker="+"></td><td style="color: #202122; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #a3d3ff; vertical-align: top; white-space: pre-wrap;"><div><ins style="font-weight: bold; text-decoration: none;"># Copy UniServer_CA to the installed Uniform Server </ins>folder '''<ins style="font-weight: bold; text-decoration: none;">UniServer\udrive\plugins'''. </ins></div></td></tr>
<tr><td colspan="2" class="diff-side-deleted"></td><td class="diff-marker" data-marker="+"></td><td style="color: #202122; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #a3d3ff; vertical-align: top; white-space: pre-wrap;"><div><ins style="font-weight: bold; text-decoration: none;"># If you wish to save space delete '''''temp1'''''</ins></div></td></tr>
<tr><td colspan="2" class="diff-side-deleted"></td><td class="diff-marker" data-marker="+"></td><td style="color: #202122; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #a3d3ff; vertical-align: top; white-space: pre-wrap;"><div> </div></td></tr>
<tr><td colspan="2" class="diff-side-deleted"></td><td class="diff-marker" data-marker="+"></td><td style="color: #202122; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #a3d3ff; vertical-align: top; white-space: pre-wrap;"><div> </div></td></tr>
<tr><td colspan="2" class="diff-side-deleted"></td><td class="diff-marker" data-marker="+"></td><td style="color: #202122; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #a3d3ff; vertical-align: top; white-space: pre-wrap;"><div><ins style="font-weight: bold; text-decoration: none;">'''''Folders and files'''''</ins></div></td></tr>
<tr><td colspan="2" class="diff-side-deleted"></td><td class="diff-marker" data-marker="+"></td><td style="color: #202122; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #a3d3ff; vertical-align: top; white-space: pre-wrap;"><div> </div></td></tr>
<tr><td colspan="2" class="diff-side-deleted"></td><td class="diff-marker" data-marker="+"></td><td style="color: #202122; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #a3d3ff; vertical-align: top; white-space: pre-wrap;"><div><ins style="font-weight: bold; text-decoration: none;">Folder '''UniServer\udrive\plugins\</ins>UniServer_CA''' <ins style="font-weight: bold; text-decoration: none;">contains </ins>the following files and folders:</div></td></tr>
<tr><td class="diff-marker"></td><td style="background-color: #f8f9fa; color: #202122; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #eaecf0; vertical-align: top; white-space: pre-wrap;"><br></td><td class="diff-marker"></td><td style="background-color: #f8f9fa; color: #202122; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #eaecf0; vertical-align: top; white-space: pre-wrap;"><br></td></tr>
<tr><td class="diff-marker"></td><td style="background-color: #f8f9fa; color: #202122; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #eaecf0; vertical-align: top; white-space: pre-wrap;"><div>* Clean.bat – Reverts back to a default installation</div></td><td class="diff-marker"></td><td style="background-color: #f8f9fa; color: #202122; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #eaecf0; vertical-align: top; white-space: pre-wrap;"><div>* Clean.bat – Reverts back to a default installation</div></td></tr>
<tr><td colspan="2" class="diff-lineno" id="mw-diff-left-l29">Line 29:</td>
<td colspan="2" class="diff-lineno">Line 45:</td></tr>
<tr><td class="diff-marker"></td><td style="background-color: #f8f9fa; color: #202122; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #eaecf0; vertical-align: top; white-space: pre-wrap;"><div>** ssleay32.dll - Function libraries</div></td><td class="diff-marker"></td><td style="background-color: #f8f9fa; color: #202122; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #eaecf0; vertical-align: top; white-space: pre-wrap;"><div>** ssleay32.dll - Function libraries</div></td></tr>
<tr><td class="diff-marker"></td><td style="background-color: #f8f9fa; color: #202122; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #eaecf0; vertical-align: top; white-space: pre-wrap;"><div>** zlib1.dll - Function libraries</div></td><td class="diff-marker"></td><td style="background-color: #f8f9fa; color: #202122; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #eaecf0; vertical-align: top; white-space: pre-wrap;"><div>** zlib1.dll - Function libraries</div></td></tr>
<tr><td class="diff-marker" data-marker="−"></td><td style="color: #202122; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #ffe49c; vertical-align: top; white-space: pre-wrap;"><div><del style="font-weight: bold; text-decoration: none;">If you wish to save space delete UniServer_CA.exe</del></div></td><td colspan="2" class="diff-side-added"></td></tr>
<tr><td class="diff-marker"></td><td style="background-color: #f8f9fa; color: #202122; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #eaecf0; vertical-align: top; white-space: pre-wrap;"><br></td><td class="diff-marker"></td><td style="background-color: #f8f9fa; color: #202122; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #eaecf0; vertical-align: top; white-space: pre-wrap;"><br></td></tr>
<tr><td class="diff-marker"></td><td style="background-color: #f8f9fa; color: #202122; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #eaecf0; vertical-align: top; white-space: pre-wrap;"><div>'''''[[#top | Top]]'''''</div></td><td class="diff-marker"></td><td style="background-color: #f8f9fa; color: #202122; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #eaecf0; vertical-align: top; white-space: pre-wrap;"><div>'''''[[#top | Top]]'''''</div></td></tr>
<tr><td colspan="2" class="diff-lineno" id="mw-diff-left-l283">Line 283:</td>
<td colspan="2" class="diff-lineno">Line 298:</td></tr>
<tr><td class="diff-marker"></td><td style="background-color: #f8f9fa; color: #202122; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #eaecf0; vertical-align: top; white-space: pre-wrap;"><br></td><td class="diff-marker"></td><td style="background-color: #f8f9fa; color: #202122; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #eaecf0; vertical-align: top; white-space: pre-wrap;"><br></td></tr>
<tr><td class="diff-marker"></td><td style="background-color: #f8f9fa; color: #202122; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #eaecf0; vertical-align: top; white-space: pre-wrap;"><div>{|</div></td><td class="diff-marker"></td><td style="background-color: #f8f9fa; color: #202122; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #eaecf0; vertical-align: top; white-space: pre-wrap;"><div>{|</div></td></tr>
<tr><td class="diff-marker" data-marker="−"></td><td style="color: #202122; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #ffe49c; vertical-align: top; white-space: pre-wrap;"><div>| [[Image:uc_small_logo.gif]] || [[User:<del style="font-weight: bold; text-decoration: none;">Ric</del>|Ric]]</div></td><td class="diff-marker" data-marker="+"></td><td style="color: #202122; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #a3d3ff; vertical-align: top; white-space: pre-wrap;"><div>| [[Image:uc_small_logo.gif]] || [[User:<ins style="font-weight: bold; text-decoration: none;">WikiSysop</ins>|Ric]]</div></td></tr>
<tr><td class="diff-marker"></td><td style="background-color: #f8f9fa; color: #202122; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #eaecf0; vertical-align: top; white-space: pre-wrap;"><div>|}</div></td><td class="diff-marker"></td><td style="background-color: #f8f9fa; color: #202122; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #eaecf0; vertical-align: top; white-space: pre-wrap;"><div>|}</div></td></tr>
<tr><td class="diff-marker"></td><td style="background-color: #f8f9fa; color: #202122; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #eaecf0; vertical-align: top; white-space: pre-wrap;"><br></td><td class="diff-marker"></td><td style="background-color: #f8f9fa; color: #202122; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #eaecf0; vertical-align: top; white-space: pre-wrap;"><br></td></tr>
<tr><td class="diff-marker"></td><td style="background-color: #f8f9fa; color: #202122; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #eaecf0; vertical-align: top; white-space: pre-wrap;"><div>[[Category: UniCenter]]</div></td><td class="diff-marker"></td><td style="background-color: #f8f9fa; color: #202122; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #eaecf0; vertical-align: top; white-space: pre-wrap;"><div>[[Category: UniCenter]]</div></td></tr>
<tr><td class="diff-marker"></td><td style="background-color: #f8f9fa; color: #202122; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #eaecf0; vertical-align: top; white-space: pre-wrap;"><div>[[Category: Uniform Server 4.0-Mona]]</div></td><td class="diff-marker"></td><td style="background-color: #f8f9fa; color: #202122; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #eaecf0; vertical-align: top; white-space: pre-wrap;"><div>[[Category: Uniform Server 4.0-Mona]]</div></td></tr>
</table>Richttps://wiki.uniformserver.com/index.php?title=UniServer_CA:_Introduction&diff=3661&oldid=prevRic: New page: {{Uc nav UniServer CA}} '''Portable CA (Certificate Authority)''' This proposed plugin is slightly unusual it starts off as a Uniform Server plugin where you can install a CA and server c...2009-02-15T11:50:04Z<p>New page: {{Uc nav UniServer CA}} '''Portable CA (Certificate Authority)''' This proposed plugin is slightly unusual it starts off as a Uniform Server plugin where you can install a CA and server c...</p>
<p><b>New page</b></p><div>{{Uc nav UniServer CA}}<br />
'''Portable CA (Certificate Authority)'''<br />
<br />
This proposed plugin is slightly unusual it starts off as a Uniform Server plugin where you can install a CA and server certificate including a server key to the Apache server. After completion the entire plugin is transferred to a USB memory stick enhancing security by removing the CA’s key from your PC.<br />
<br />
The CA is portable once transferred to a USB memory stick you can generate personal (client) certificates as and when required. I must stress this is for use on a personal web server or intranet. Never use this for e-commerce, always use a commercial payment system and let the experts take the strain.<br />
<br />
Most write-ups are Unix/Linux oriented because they have been using secure servers since year dot. This write-up addresses the balance a little. UniServer portable CA is specifically designed for Windows.<br />
<br />
Open SSL provides all the tools required for creating a CA, they ate command line tool and inherently portable (Unix parentage) these factors make it ideal for batch file control allowing certificate and key generation to be semi-automated. <br />
<br />
This step-by-step guide covers UniServer portable CA installation, how to use provided batch files for creating CA, server and personal (client) certificates. This is followed by a detailed description of command lines used and how they are integrated into these files to produce the portable CA. Concludes with some examples for using personal certificates with Apache.<br />
<br />
'''''[[#top | Top]]'''''<br />
== Install ==<br />
Download [[UniServer CA: Download & Support | UniServer_CA.exe]] save to folder UniServer\udrive\'''plugins''' double click file to extract.<br />
<br />
This creates a new folder named '''UniServer_CA''' containing the following files and folders:<br />
<br />
* Clean.bat – Reverts back to a default installation<br />
* Create_CA.bat – Creates a CA and folders<br />
* Server.bat – Creates a new server certificate and key signed by CA<br />
* Client.bat – Creates client (personal) certificates <br />
* Revoke.bat – Revoke client (personal) certificates <br />
* '''''CA - Folder''''' - Content<br />
** libeay32.dll - Function libraries <br />
** openssl.cnf – Open SSL configuration file<br />
** openssl.exe – Open SSL program<br />
** ssleay32.dll - Function libraries<br />
** zlib1.dll - Function libraries<br />
If you wish to save space delete UniServer_CA.exe<br />
<br />
'''''[[#top | Top]]'''''<br />
<br />
== Batch file overview ==<br />
This portable CA has been designed to prevent silly mistakes (comment aimed at me), for example you are allowed to create only a '''single CA''', rerunning Create_CA.bat produces a warning message and execution terminates. Likewise only a '''single server certificate and key''' can be generated. Rerunning Server.bat again produces a warning and execution stops in both cases no action is performed. <br />
<br />
Until a CA is created running either Server.bat or Client.bat produces a warning no operations are performed.<br />
<br />
'''''Experiment'':'''<br />
<br />
Run the batch files and get a feel for what they do, when finished run '''Clean.bat''' this reverts the CA to a default installation. When run, Clean.bat requires confirmation (twice) to make sure you really want to delete all certificates and keys.<br />
<br />
'''''Install options'':'''<br />
<br />
Initially the CA is installed as a plugin this allows certificates and key to be automatically copied to the server. After this the folder UniServer_CA should be copied to a different location ideally to a USB memory stick. This protects the all important CA key <br />
<br />
If you decide not to initially install as a plugin, UniServer_CA.exe may be extracted to another folder or a '''USB memory stick''' and run from there, in this situation certificates and key need to be '''manually copied''' to the server. <br />
<br />
Remainder of this write-up looks at the process and batch files in more detail.<br />
<br />
'''''[[#top | Top]]'''''<br />
<br />
== Quick Guide ==<br />
The following procedure creates a localhost test certificate signed by your CA (for a test run just accept the defaults).<br />
<br />
Before issuing personal certificates run through the process a least once. This will allow you to understand what inputs are required and what outputs to expect.<br />
<br />
'''''Note'':''' For the initial run you can use the defaults, to accept defaults press enter when prompted for input. <br />
<br />
'''''[[#top | Top]]'''''<br />
=== Enable SSL ===<br />
Uniform Server has been pre-configured for SSL operation however a default installation has this function disabled. Before running the servers enable the appropriate line in httpd.conf as follows:<br />
<br />
'''''[[#top | Top]]'''''<br />
==== Edit httpd.conf ====<br />
Skip this if you have already enabled SSL (Automatically enabled when server certificate created via Apanel). <br />
<br />
Edit file UniServer\udrive\usr\local\apache2\conf\'''httpd.conf''' locate line:<br />
<pre><br />
#LoadModule ssl_module modules/mod_ssl.so<br />
</pre><br />
To enale SSL remove the hash "#" asshown belo:<br />
<pre><br />
#LoadModule ssl_module modules/mod_ssl.so<br />
</pre><br />
<br />
'''''[[#top | Top]]'''''<br />
<br />
=== Run Batch Files ===<br />
To create your personal CA and server certificate run the following two batch files:<br />
<br />
==== Run Create_CA.bat ====<br />
To create the CA's flie structure and certificate '''ca.crt''' and key '''ca.key''' run '''Create_CA.bat&nbsp;'''.<br />
<br />
You will be prompted for the following information:<br />
<pre><br />
O Organisation Name (eg, company) [UniServer CA]:<br />
OU Organisation Unit (eg, section) [Secure Demo CA]:<br />
</pre><br />
Its your CA enter something appropriate for your server the defaults are shown in square brackets.<br />
<br />
At the following prompt:<br />
<pre><br />
Enter PEM pass phrase<br />
</pre><br />
Enter a memorable pass phrase (e.g. fred) this is requested twice. <br />
<br />
The pass phrase is important it is required for signing and revoking certificates hence write it down somewhere safe.<br />
<br />
==== Run Server.bat ====<br />
Next we create a server certificate ('''server.crt''') and key ('''server.key''') by running '''Server.bat'''<br />
<br />
You will be prompted for the following information:<br />
<pre><br />
CN Common Name. Your full domain name [localhost]:<br />
O Organisation Name (eg, company) [UniServer]:<br />
OU Organisation Unit (eg, section) [Secure Demo]:<br />
</pre><br />
With the exception of '''CN''' you can enter anything you like make it appropriate for your site defaults are shown in square brackets.<br />
<br />
Common name ('''CN''') is the only requirement for creating a server certificate. It must be your fully qualified domain name, this is what a user types into their browser to access your site (not including the https:// bit). For example if your site is accessed using ''<nowiki>https://my_domain.com</nowiki>'' you would enter '''my_domain.com''' for the common name.<br />
<br />
'''''Note'':''' If you wish to run more than one site under the same domain name you can create a wild card certificate. For the common name (CN) enter '''*.my_domain.com''' Mod SSL does not support name based virtual hosts on the same port hence when running more than a signal virtual host you must use a different port (standard port is 443). <br />
<br />
After entering the above:<br />
* When prompted enter the pass phrase you used to create the CA (fred)<br />
* Type "'''y'''" to sign certificate<br />
* Type "'''y'''" to commit - Creates certificate and adds serial number.<br />
<br />
The following certificates and key are copied to the server: <br />
* File CA\server\'''ca.crt''' copied to folder \usr\local\apache2\conf\'''ssl.crt''' <br />
* File CA\server\'''server.crt''' copied to folder \usr\local\apache2\conf\'''ssl.crt''' <br />
* File CA\server\'''server.key''' copied to folder \usr\local\apache2\conf\'''ssl.key'''<br />
<br />
'''''Note 1'':''' If CA not installed as a plugin you are informed to manually copy the above files.<br />
<br />
'''''Note 2'':''' The CA certificate ca.crt although copied is not required for a secure server. It will be used later for personal (client) certificate authentication see [[UniServer CA: Client Certificates | Client Certificates]].<br />
<br />
'''''[[#top | Top]]'''''<br />
<br />
==== Run Clean.bat ====<br />
This batch file is provided for convenience it allows you to restore the plugin to a default installation.<br />
<br />
After testing run this batch file to clean out any certificates and keys. You can rerun the above two batch files and enter real values matching your site. <br />
<br />
'''''Note'':''' Once you have issued certificates never run this batch file its draconian and deletes everything.<br />
<br />
=== Test ===<br />
Testing is straight forward I make no apologies for using Firefox ([http://portableapps.com/apps/internet/firefox_portable Download portable Firefox]). <br />
{|<br />
|-<br />
|valign="top"|<br />
# Start the servers and type '''<nowiki>https://localhost/</nowiki>''' into your rowser address bar.<br />
# You are informed the certificate is suspect (Firefox)<br />
# Click link '''Or you can add an exception…'''<br />
# Click link '''Add Exception''' (opens new pop-up)<br />
# Click link '''Get Certificate''' (top right)<br />
# Box bottom left ''Permanently store this exception'' '''Un-Check''' this box<br />
# Click view certificate details shown right:<br />
# Click link '''Confirm Security Exception'''<br />
# The secure website index page is displayed.<br />
'''''Certificate details'':'''<br />
<br />
Certificate values shown are defaults. Intended to show what is displayed by a browser. <br />
||<br />
{|cellpadding="2" cellspacing="2"<br />
|-style="background:#f5f5f5;"<br />
|'''Issued To'''||&nbsp;<br />
|-style="background:#f5f5f5;"<br />
|Common Name (CN)||'''localhost'''<br />
|-style="background:#f5f5f5;"<br />
|Organisation(O)||'''UniServer'''<br />
|-style="background:#f5f5f5;"<br />
|Organisation Unit(OU)|| '''Secure Demo'''<br />
|-style="background:#f5f5f5;"<br />
|Serial Number|| '''01'''<br />
|-style="background:#f5f5f5;"<br />
|'''Issued By'''||&nbsp;<br />
|-style="background:#f5f5f5;"<br />
||Common Name (CN)|| <Not Part Of Certificate><br />
|-style="background:#f5f5f5;"<br />
|Organisation(O)|| '''UniServer CA'''<br />
|-style="background:#f5f5f5;"<br />
|Organisation Unit(OU)||'''Secure Demo CA'''<br />
|}<br />
|}<br />
Every signed certificate is unique and issued with a serial number this is automatically added by the CA. A common name (CN) must match your server. You can enter anything you like for the other certificate values.<br />
<br />
I have assumed you accepted the defaults for testing at this stage you can rerun the above batch files to do this first run '''Clean.bat'''. Create a CA and server certificate and key, enter real values for your site. <br />
<br />
'''''[[#top | Top]]'''''<br />
<br />
== Optional change defaults ==<br />
If you wish, change the batch file defaults as follows:<br />
<br />
'''1)''' Edit file: UniServer\udrive\plugins\UniServer_CA\'''Create_CA.bat''' Locate these lines:<br />
<pre><br />
set unitO=UniServer CA<br />
set unitOU=Secure Demo CA<br />
</pre><br />
It's your CA replace "UniServer CA" and "Secure Demo CA" with something more appropriate.<br />
<br />
<br />
'''2)''' Edit file: UniServer\udrive\plugins\UniServer_CA\'''Server.bat''' Locate these lines:<br />
<pre><br />
set unitCN=localhost<br />
set unitO=UniServer<br />
set unitOU=Secure Demo<br />
</pre><br />
Replace '''localhost''' with what a user would type into a browser to view your site (do not include the https:// bit)<br>Replace "UniServer" and "Secure Demo" with something appropriate to your site.<br />
<br />
'''''[[#top | Top]]'''''<br />
<br />
== CA Root Certificate ==<br />
The CA's private key (ca.key) should be protected by a hard to guess pass phrase I tend to keep it short and violate this directive. Instead at this stage I move folder UniSrver_CA and all its content to a USB memory stick hence the ca.key is removed from the PC.<br />
<br />
Once a CA is created it is a one time event and should be valid for a much longer period of time than regular certificates hence has been set to 30 years. Since this is a personal server also extend the time for the server certificate again I use 30 years.<br />
<br />
'''''[[#top | Top]]'''''<br />
== Install CA Root ==<br />
The CA's root certificate "'''ca.crt'''" should be published (e.g. located in folder UniServer\udrive\'''www''') on Intranet web pages allowing users to download and install to their browser. Alternatively if file '''ca.crt''' is located on a users PC it can be imported.<br />
<br />
'''''[[#top | Top]]'''''<br />
=== Firefox (3.0.6) ===<br />
<br />
{|<br />
|-<br />
|valign="top"|<br />
'''''Option 1'':''' Download from server<br />
<br />
# Start servers<br />
# Type the following into your browser '''<nowiki>http://localhost/ca.crt</nowiki>'''<br />
# A pop-up is displayed(see image on right)<br />
# '''(A)''' Select as a minimum Trust this CA to identify web sites <br />
# '''(B)''' Click OK<br />
<br />
'''''Option 2'':''' Import file.<br />
I have assumed the file is located in folder UniServer\udrive\'''www'''<br />
<br />
# Start browser<br />
# Select '''Tools > Options'''<br />
# Select '''Advanced''' (top right)<br />
# Select '''Encryption Tab'''<br />
# Click '''View Certificates''' button<br />
# Select '''Authorities TAB''' click '''Import''' button<br />
# Navigate to folder CA4_test\UniServer\udrive\'''www''' and select '''ca.crt'''<br />
# A pop-up is displayed (see image on right)<br />
# '''(A)''' Select as a minimum Trust this CA to identify web sites <br />
# '''(B)''' Click OK <br />
|<br />
&nbsp;<br />
|<br />
[[Image:Uniserver_CA_1.gif]]<br />
|}<br />
<br />
'''''[[#top | Top]]'''''<br />
=== IE (7) ===<br />
'''''Option 1'':''' Download from server<br />
<br />
# Start servers<br />
# Type the following into your browser '''<nowiki>http://localhost/ca.crt</nowiki>'''<br />
# Pop-up displayed <br />
# Click '''Open''' button<br />
# Pop-up Certificate information click '''Install Certificate''' button<br />
# Follow theWizard instructions<br />
<br />
'''''Option 2'':''' Import file.<br />
I have assumed the file is located in folder UniServer\udrive\'''www'''<br />
<br />
# Start browser<br />
# '''Tools > Internet Options'''<br />
# Select '''Content''' tab<br />
# Click '''Certificate''' button<br />
# Select '''Trusted Root Certificate Authorities''' tab<br />
# Click '''Import''' button<br />
# Import Wizzaed starts Click '''Next'''<br />
# Navigate to folder CA4_test\UniServer\udrive\'''www''' and select '''ca.crt''' and open<br />
# Click '''Next''' button<br />
# Place, make sure '''Trusted Root Certificate Authorities''' selected Click '''Next'''<br />
# Click '''Finish'''<br />
# Click '''Yes''' to save<br />
<br />
'''''[[#top | Top]]'''''<br />
== Summary ==<br />
The CA root certificate must be installed on every user's browser that wants to access your server this provents the anoying browser warning pop-ups.<br />
<br />
The real power of running your own CA is the ability to sign certificates this opens up a new world when it comes to authentication. You can restrict access to your server using personal (client) certificates covered on the [[UniServer CA: Client Certificates | next page]].<br />
<br />
'''''[[#top | Top]]'''''<br />
<br />
----<br />
<br />
{|<br />
| [[Image:uc_small_logo.gif]] || [[User:Ric|Ric]]<br />
|}<br />
<br />
[[Category: UniCenter]]<br />
[[Category: Uniform Server 4.0-Mona]]</div>Ric