Sun Java System Portal Server Secure Remote Access 6 2005Q1 °ü¸® ¼³¸í¼ |
7Àå
ÀÎÁõ¼ÀÌ Àå¿¡¼´Â ÀÎÁõ¼ °ü¸®¸¦ ¼³¸íÇÏ°í Á÷Á¢ ¼¸íÇÑ ÀÎÁõ¼¿Í ÀÎÁõ ±â°ü¿¡¼ ¹ÞÀº ÀÎÁõ¼¸¦ ¼³Ä¡ÇÏ´Â ¹æ¹ýÀ» ¾Ë¾Æº¾´Ï´Ù.
ÀÌ Àå¿¡¼´Â ´ÙÀ½ ÁÖÁ¦¸¦ ´Ù·ì´Ï´Ù.
SSL ÀÎÁõ¼ÀÇ °³¿äSun Java System Portal Server Secure Remote Access ¼ÒÇÁÆ®¿þ¾î´Â ¿ø°Ý »ç¿ëÀÚ¸¦ À§ÇÑ ÀÎÁõ¼ ±â¹Ý ÀÎÁõÀ» Á¦°øÇÕ´Ï´Ù. SRA´Â SSL (Secure Socket Layer) À» »ç¿ëÇÏ¿© º¸¾È Åë½ÅÀ» °¡´ÉÇÏ°Ô ÇÕ´Ï´Ù. SSL ÇÁ·ÎÅäÄÝÀ» µÎ ÄÄÇ»ÅÍ °£ º¸¾È Åë½ÅÀ» °¡´ÉÇϵµ·Ï ÇØÁÝ´Ï´Ù.
SSL ÀÎÁõ¼¿¡¼´Â °ø°³ Å°¿Í °³ÀÎ Å° ½ÖÀ» »ç¿ëÇÏ¿© ¾ÏÈ£È ¹× ºñ¹Ð¹øÈ£ Çص¶ ±â´ÉÀ» Á¦°øÇÕ´Ï´Ù.
ÀÎÁõ¼ À¯ÇüÀº 2°¡ÁöÀÔ´Ï´Ù.
±âº»ÀûÀ¸·Î °ÔÀÌÆ®¿þÀ̸¦ ¼³Ä¡ÇÒ ¶§¿¡´Â Á÷Á¢ ¼¸íÇÑ ÀÎÁõ¼°¡ »ý¼º ¹× ¼³Ä¡µË´Ï´Ù.
¼³Ä¡ ÈÄ ¾ðÁ¦¶óµµ ÀÎÁõ¼¸¦ ¼³Ä¡, ½Àµæ ¶Ç´Â ±³Ã¼ÇÒ ¼ö ÀÖ½À´Ï´Ù.
¶ÇÇÑ °³ÀÎ µðÁöÅÐ ÀÎÁõ¼ (PDC) ¸¦ ÅëÇØ Å¬¶óÀ̾ðÆ® ÀÎÁõÀ» Áö¿øÇÕ´Ï´Ù. PDC´Â SSL Ŭ¶óÀ̾ðÆ® ÀÎÁõÀ¸·Î »ç¿ëÀÚ¸¦ ÀÎÁõÇÏ´Â ¸ÞÄ¿´ÏÁòÀÔ´Ï´Ù. SSL Ŭ¶óÀ̾ðÆ® ÀÎÁõÀ» »ç¿ëÇϸé SSL ÇÚµå¼ÎÀÌÅ©°¡ °ÔÀÌÆ®¿þÀÌ¿¡¼ Á¾·áµË´Ï´Ù. °ÔÀÌÆ®¿þÀÌ´Â »ç¿ëÀÚÀÇ PDC¸¦ ÃßÃâÇÏ¿© ÀÎÁõµÈ ¼¹ö·Î Àü´ÞÇÕ´Ï´Ù. ±×·¯¸é ÀÌ ¼¹ö´Â PDC¸¦ »ç¿ëÇÏ¿© »ç¿ëÀÚ¸¦ ÀÎÁõÇÕ´Ï´Ù. ÀÎÁõ üÀΰú ÇÔ²² PDC¸¦ ±¸¼ºÇÏ·Á¸é ÀÎÁõ üÀÌ´× »ç¿ëÀ» ÂüÁ¶ÇϽʽÿÀ.
SRA¿¡´Â SSL ÀÎÁõ¼¸¦ °ü¸®ÇÏ´Â µ¥ »ç¿ëÇÒ ¼ö ÀÖ´Â certadminÀ̶ó´Â µµ±¸°¡ ÀÖ½À´Ï´Ù. certadmin ½ºÅ©¸³Æ®¸¦ ÂüÁ¶ÇϽʽÿÀ.
Âü°í
ÀÎÁõ¼ Æ˾÷ âÀº SSL ÀÀ¿ë ÇÁ·Î±×·¥¿¡¼ °øÅëÀûÀ¸·Î ³ªÅ¸³³´Ï´Ù. »ç¿ëÀÚ¿¡°Ô °æ°í¸¦ ½ÂÀÎÇÏ°í °è¼Ó ÁøÇàÇϵµ·Ï ¾Ë·ÁÁֽʽÿÀ.
ÀÎÁõ¼ ÆÄÀÏÀÎÁõ¼ °ü·Ã ÆÄÀÏÀº /etc/opt/SUNWps/cert/gateway-profile-name¿¡ ÀÖ½À´Ï´Ù. ÀÌ µð·ºÅ丮¿¡´Â ±âº»ÀûÀ¸·Î ÆÄÀÏÀÌ 5°³ µé¾î ÀÖ½À´Ï´Ù.
Ç¥ 7-1¿¡´Â ÆÄÀÏ°ú ÆÄÀÏ¿¡ ´ëÇÑ ¼³¸íÀÌ ³ª¿µÇ¾î ÀÖ½À´Ï´Ù.
ÀÎÁõ¼ Æ®·¯½ºÆ® ¼Ó¼ºÀÎÁõ¼ÀÇ Æ®·¯½ºÆ® ¼Ó¼ºÀº ´ÙÀ½°ú °°Àº Á¤º¸¸¦ ³ªÅ¸³À´Ï´Ù.
°¢ ÀÎÁõ¼¿¡´Â "SSL, ÀüÀÚ ¸ÞÀÏ, °´Ã¼ ¼¸í" ¼ø¼·Î »ç¿ëÇÒ ¼ö ÀÖ´Â Æ®·¯½ºÆ® ¹üÁÖ°¡ 3°¡Áö ÀÖ½À´Ï´Ù. ù ¹ø° ¹üÁÖ¸¸ °ÔÀÌÆ®¿þÀÌ¿¡ À¯¿ëÇÕ´Ï´Ù. °¢ ¹üÁÖ À§Ä¡¿¡¼ Æ®·¯½ºÆ® ¼Ó¼º Äڵ尡 »ç¿ëµÇÁö ¾ÊÀ» ¼öµµ ÀÖ°í ¸¹ÀÌ »ç¿ëµÇ±âµµ ÇÕ´Ï´Ù.
¹üÁÖ¿¡ ´ëÇÑ ¼Ó¼º ÄÚµå´Â ½°Ç¥·Î ºÐ¸®µÇ¸ç Àüü ¼Ó¼º ÁýÇÕÀº µû¿ÈÇ¥·Î ¹ÀÔ´Ï´Ù. ¿¹¸¦ µé¾î, °ÔÀÌÆ®¿þÀÌ ¼³Ä¡ ½Ã »ý¼º ¹× ¼³Ä¡µÈ Á÷Á¢ ¼¸íÇÑ ÀÎÁõ¼´Â "u,u,u"·Î Ç¥½ÃµÇ´Âµ¥ ÀÌ´Â ·çÆ® CA ÀÎÁõ¼¿Í´Â ¹Ý´ë·Î ¼¹ö ÀÎÁõ¼ (»ç¿ëÀÚ ÀÎÁõ¼) ÀÓÀ» ÀǹÌÇÕ´Ï´Ù.
Ç¥ 7-2¿¡´Â °¡´ÉÇÑ ¼Ó¼º °ª°ú °¢ °ªÀÇ Àǹ̰¡ ³ª¿µÇ¾î ÀÖ½À´Ï´Ù.
CA Æ®·¯½ºÆ® ¼Ó¼ºÀß ¾Ë·ÁÁø °øÀÎ CA´Â ´ëºÎºÐ ÀÎÁõ¼ µ¥ÀÌÅͺ£À̽º¿¡ µé¾î ÀÖ½À´Ï´Ù. °øÀÎ CAÀÇ Æ®·¯½ºÆ® ¼Ó¼º ¼öÁ¤¿¡ ´ëÇÑ ³»¿ëÀº ÀÎÁõ¼ÀÇ Æ®·¯½ºÆ® ¼Ó¼º ¼öÁ¤À» ÂüÁ¶ÇϽʽÿÀ.
Ç¥ 7-3¿¡´Â Æ®·¯½ºÆ® ¼Ó¼ºÀÌ ÀÖ´Â °¡Àå ÀϹÝÀûÀÎ ÀÎÁõ ±â°üÀÌ ³ª¿µÇ¾î ÀÖ½À´Ï´Ù.
certadmin ½ºÅ©¸³Æ®´ÙÀ½°ú °°Àº ÀÎÁõ¼ °ü¸® ÀÛ¾÷¿¡ certadmin ½ºÅ©¸³Æ®¸¦ »ç¿ëÇÒ ¼ö ÀÖ½À´Ï´Ù.
Á÷Á¢ ¼¸íÇÑ ÀÎÁõ¼ »ý¼º°¢ ¼¹ö¿Í °ÔÀÌÆ®¿þÀÌ »çÀÌÀÇ SSL Åë½ÅÀ» À§Çؼ´Â ÀÎÁõ¼¸¦ »ý¼ºÇØ¾ß ÇÕ´Ï´Ù.
¼³Ä¡ ÈÄ Á÷Á¢ ¼¸íÇÑ ÀÎÁõ¼¸¦ »ý¼ºÇÏ·Á¸é
- ·çÆ®·Î¼ ÀÎÁõ¼¸¦ »ý¼ºÇÏ°íÀÚ ÇÏ´Â °ÔÀÌÆ®¿þÀÌ ÄÄÇ»ÅÍ¿¡ certadmin ½ºÅ©¸³Æ®¸¦ ½ÇÇàÇÕ´Ï´Ù.
portal-server-install-root/SUNWps/bin/certadmin -n gateway-profile-name
ÀÎÁõ¼ °ü¸® ¸Þ´º°¡ Ç¥½ÃµË´Ï´Ù.
- ÀÎÁõ¼ °ü¸® ¸Þ´ºÀÇ ¿É¼Ç 1¸¦ ¼±ÅÃÇÕ´Ï´Ù.
ÀÎÁõ¼ °ü¸® ½ºÅ©¸³Æ®¿¡¼ ±âÁ¸ µ¥ÀÌÅͺ£À̽º ÆÄÀÏÀ» À¯ÁöÇÒ °ÍÀÎÁö ¹¯½À´Ï´Ù.
- Á¶Á÷º° Á¤º¸, ÅäÅ« À̸§ ¹× ÀÎÁõ¼ À̸§À» ÀÔ·ÂÇÕ´Ï´Ù.
What is the fully-qualified DNS name of this host? [host_name.domain_name]
What is the name of your organization (ex: Company)? []
What is the name of your organizational unit (ex: division)? []
What is the name of your City or Locality? []
What is the name (no abbreviation please) of your State or Province? []
What is the two-letter country code for this unit? []
Token name is needed only if you are not using the default internal (software) cryptographic module, for example, if you want to use a crypto card (Token names could be listed using: modutil -dbdir /etc/opt/SUNWps/cert/gateway-profile-name -list); Otherwise, just hit Return below.
Please enter the token name. []
Enter the name you like for this certificate?
Enter the validity period for the certificate (months) [6]
A self-signed certificate is generated and the prompt returns.
ÅäÅ« À̸§ (±âº»ÀûÀ¸·Î ºñ¾î ÀÖÀ½) °ú ÀÎÁõ¼ À̸§Àº /etc/opt/SUNWps/cert/gateway-profile-nameÀÇ .nickname ÆÄÀÏ¿¡ ÀúÀåµË´Ï´Ù.
- ÀÎÁõ¼°¡ Àû¿ëµÇµµ·Ï °ÔÀÌÆ®¿þÀ̸¦ ´Ù½Ã ½ÃÀÛÇÕ´Ï´Ù.
gateway-install-root/SUNWps/bin/gateway -n new gateway-profile-name start
ÀÎÁõ¼ ¼¸í ¿äû (CSR) »ý¼ºCA°¡ ¹ß±ÞÇÏ´Â ÀÎÁõ¼¸¦ ÁÖ¹®Çϱâ Àü¿¡ CA¿¡¼ ¿ä±¸ÇÏ´Â Á¤º¸°¡ µé¾î ÀÖ´Â ÀÎÁõ¼ ¼¸í ¿äûÀ» ¸¸µé¾î¾ß ÇÕ´Ï´Ù.
CSR¸¦ »ý¼ºÇÏ·Á¸é
- ·çÆ®·Î¼ certadmin ½ºÅ©¸³Æ®¸¦ ½ÇÇàÇÕ´Ï´Ù.
portal-server-install-root/SUNWps/bin/certadmin -n gateway-profile-name
ÀÎÁõ¼ °ü¸® ¸Þ´º°¡ Ç¥½ÃµË´Ï´Ù.
1) Generate Self-Signed Certificate
2) Generate Certificate Signing Request (CSR)
3) Add Root CA Certificate
4) Install Certificate From Certificate Authority (CA)
5) Delete Certificate
6) Modify Trust Attributes of Certificate (e.g., for PDC)
7) List Root CA Certificates
8) List All Certificates
9) Print Certificate Content
10) Quit
choice: [10] 2
- ÀÎÁõ¼ °ü¸® ¸Þ´ºÀÇ ¿É¼Ç 2¸¦ ¼±ÅÃÇÕ´Ï´Ù.
½ºÅ©¸³Æ®¿¡¼ Á¶Á÷º° Á¤º¸, ÅäÅ« À̸§ ¹× À¥ ¸¶½ºÅÍÀÇ ÀüÀÚ ¿ìÆí°ú ÀüÈ ¹øÈ£¸¦ ÀÔ·ÂÇ϶ó´Â ¸Þ½ÃÁö¸¦ Ç¥½ÃÇÕ´Ï´Ù.
È£½ºÆ®ÀÇ Á¤±Ô DNS À̸§À» ¹Ýµå½Ã ÁöÁ¤ÇØ¾ß ÇÕ´Ï´Ù.
What is the fully-qualified DNS name of this host? [snape.sesta.com]
What is the name of your organization (ex: Company)? []
What is the name of your organizational unit (ex: division)? []
What is the name of your City or Locality? []
What is the name (no abbreviation please) of your State or Province? []
What is the two-letter country code for this unit? []
Token name is needed only if you are not using the default internal (software) cryptographic module, for example, if you want to use a crypto card (Token names could be listed using: modutil -dbdir /etc/opt/SUNWps/cert -list); Otherwise, just hit Return below.
Please enter the token name []
Now input some contact information for the webmaster of the machine that the certificate is to be generated for.
What is the email address of the admin/webmaster for this server [] ?
What is the phone number of the admin/webmaster for this server [] ?
- ÇÊ¿äÇÑ Á¤º¸¸¦ ¸ðµÎ ÀÔ·ÂÇϽʽÿÀ.
CSRÀÌ »ý¼ºµÇ¾î portal-server-install-root/SUNWps/bin/csr.hostname.datetimestamp ÆÄÀÏ¿¡ ÀúÀåµË´Ï´Ù. CSRÀº ȸ鿡µµ ÀμâµË´Ï´Ù. CA°¡ ¹ß±ÞÇÏ´Â ÀÎÁõ¼¸¦ ÁÖ¹®ÇÒ ¶§ CSR¸¦ Á÷Á¢ º¹»çÇÑ ÈÄ ºÙ¿©³ÖÀ» ¼ö ÀÖ½À´Ï´Ù.
·çÆ® CA ÀÎÁõ¼ Ãß°¡Å¬¶óÀ̾ðÆ® »çÀÌÆ®¿¡¼ °ÔÀÌÆ®¿þÀÌ ÀÎÁõ¼ µ¥ÀÌÅͺ£À̽º¿¡ ¾Ë·ÁÁöÁö ¾ÊÀº CA¿¡¼ ¼¸íÇÑ ÀÎÁõ¼¸¦ Á¦½ÃÇϸé SSL ÇÚµå¼ÎÀÌÅ©°¡ ½ÇÆÐÇÕ´Ï´Ù.
À̸¦ ¹æÁöÇÏ·Á¸é ·çÆ® CA ÀÎÁõ¼¸¦ ÀÎÁõ¼ µ¥ÀÌÅͺ£À̽º¿¡ Ãß°¡ÇØ¾ß ÇÕ´Ï´Ù. ±×·¯¸é °ÔÀÌÆ®¿þÀÌ¿¡¼ CA¸¦ ÀνÄÇÒ ¼ö ÀÖ°Ô µË´Ï´Ù.
CAÀÇ À¥ »çÀÌÆ®¸¦ ã¾Æ¼ ÇØ´ç CAÀÇ ·çÆ® ÀÎÁõ¼¸¦ ¾òÀ¸½Ê½Ã¿À. certadmin ½ºÅ©¸³Æ®¸¦ »ç¿ëÇÒ ¶§ ÆÄÀÏ À̸§°ú ·çÆ® CA ÀÎÁõ¼ÀÇ °æ·Î¸¦ ÁöÁ¤ÇÕ´Ï´Ù.
·çÆ® CA ÀÎÁõ¼¸¦ Ãß°¡ÇÏ·Á¸é
- ·çÆ®·Î¼ certadmin ½ºÅ©¸³Æ®¸¦ ½ÇÇàÇÕ´Ï´Ù.
portal-server-install-root/SUNWps/bin/certadmin -n gateway-profile-name
ÀÎÁõ¼ °ü¸® ¸Þ´º°¡ Ç¥½ÃµË´Ï´Ù.
1) Generate Self-Signed Certificate
2) Generate Certificate Signing Request (CSR)
3) Add Root CA Certificate
4) Install Certificate From Certificate Authority (CA)
5) Delete Certificate
6) Modify Trust Attributes of Certificate (e.g., for PDC)
7) List Root CA Certificates
8) List All Certificates
9) Print Certificate Content
10) Quit
choice: [10] 3
- ÀÎÁõ¼ °ü¸® ¸Þ´ºÀÇ ¿É¼Ç 3À» ¼±ÅÃÇÕ´Ï´Ù.
- ·çÆ® ÀÎÁõ¼°¡ µé¾î ÀÖ´Â ÆÄÀÏ À̸§À» ÀÔ·ÂÇÑ ´ÙÀ½ ÀÎÁõ¼ À̸§À» ÀÔ·ÂÇÕ´Ï´Ù.
±×·¯¸é ·çÆ® CA ÀÎÁõ¼°¡ ÀÎÁõ¼ µ¥ÀÌÅͺ£À̽º¿¡ Ãß°¡µË´Ï´Ù.
ÀÎÁõ ±â°ü¿¡¼ ¹ß±ÞÇÑ SSL ÀÎÁõ¼ ¼³Ä¡°ÔÀÌÆ®¿þÀ̸¦ ¼³Ä¡ÇÏ´Â µ¿¾È ±âº»ÀûÀ¸·Î Á÷Á¢ ¼¸íÇÑ ÀÎÁõ¼°¡ ¸¸µé¾îÁ® ¼³Ä¡µË´Ï´Ù. ¼³Ä¡ ÈÄ ¾ðÁ¦¶óµµ °ø½Ä ÀÎÁõ ±â°ü (CA) ¼ºñ½º¸¦ Á¦°øÇÏ´Â °ø±ÞÀÚ ¶Ç´Â ±â¾÷ CA¿¡ ÀÇÇØ ¼¸íµÈ SSL ÀÎÁõ¼¸¦ ¼³Ä¡ÇÒ ¼ö ÀÖ½À´Ï´Ù.
ÀÌ ÀÛ¾÷Àº ´ÙÀ½°ú °°Àº 3´Ü°è·Î ÀÌ·ç¾îÁý´Ï´Ù.
CA¿¡¼ ¹ß±ÞÇÏ´Â ÀÎÁõ¼ ÁÖ¹®
ÀÎÁõ¼ ¼¸í ¿äû (CSR)À» ¸¸µé¾úÀ¸¸é CSR¸¦ »ç¿ëÇÏ¿© CA°¡ ¹ß±ÞÇÏ´Â ÀÎÁõ¼¸¦ ÁÖ¹®ÇØ¾ß ÇÕ´Ï´Ù.
CA°¡ ¹ß±ÞÇÏ´Â ÀÎÁõ¼¸¦ ÁÖ¹®ÇÏ·Á¸é
- ÀÎÁõ ±â°üÀÇ À¥ »çÀÌÆ®·Î °¡¼ ÀÎÁõ¼¸¦ ÁÖ¹®ÇÕ´Ï´Ù.
- CAÀÇ ¿äû¿¡ µû¶ó CSR¸¦ Á¦°øÇÕ´Ï´Ù. CAÀÇ ¿äû¿¡ µû¶ó ±âŸ Á¤º¸µµ Á¦°øÇÕ´Ï´Ù.
±×·¯¸é CA°¡ ¹ß±ÞÇÏ´Â ÀÎÁõ¼¸¦ ¹Þ°Ô µË´Ï´Ù. ÀÎÁõ¼¸¦ ÆÄÀÏ¿¡ ÀúÀåÇÕ´Ï´Ù. ÆÄÀÏ¿¡ ÀÎÁõ¼¿Í ÇÔ²² "BEGIN CERTIFICATE" ¹× "END CERTIFICATE" ÁÙÀ» Æ÷ÇÔ½Ãŵ´Ï´Ù.
´ÙÀ½ ¿¹Á¦¿¡¼´Â ½ÇÁ¦ ÀÎÁõ¼ µ¥ÀÌÅ͸¦ »ý·«ÇÏ¿´½À´Ï´Ù.
CA¿¡¼ ¹ÞÀº ÀÎÁõ¼ ¼³Ä¡
certadmin ½ºÅ©¸³Æ®¸¦ »ç¿ëÇÏ¿© CA¿¡¼ ¹ÞÀº ÀÎÁõ¼¸¦ /etc/opt/SUNWps/cert/gateway-profile-nameÀÇ ·ÎÄà µ¥ÀÌÅͺ£À̽º ÆÄÀÏ¿¡ ¼³Ä¡ÇÕ´Ï´Ù.
CA¿¡¼ ¹ÞÀº ÀÎÁõ¼¸¦ ¼³Ä¡ÇÏ·Á¸é
- ·çÆ®·Î¼ certadmin ½ºÅ©¸³Æ®¸¦ ½ÇÇàÇÕ´Ï´Ù.
portal-server-install-root/SUNWps/bin/certadmin -n gateway-profile-name
ÀÎÁõ¼ °ü¸® ¸Þ´º°¡ Ç¥½ÃµË´Ï´Ù.
1) Generate Self-Signed Certificate
2) Generate Certificate Signing Request (CSR)
3) Add Root CA Certificate
4) Install Certificate From Certificate Authority (CA)
5) Delete Certificate
6) Modify Trust Attributes of Certificate (e.g., for PDC)
7) List Root CA Certificates
8) List All Certificates
9) Print Certificate Content
10) Quit
choice: [10] 4
- ÀÎÁõ¼ °ü¸® ¸Þ´ºÀÇ ¿É¼Ç 4¸¦ ¼±ÅÃÇÕ´Ï´Ù.
½ºÅ©¸³Æ®¿¡¼ ÀÎÁõ¼ ÆÄÀÏ À̸§, ÀÎÁõ¼ À̸§ ¹× ÅäÅ« À̸§À» ÀÔ·ÂÇ϶ó°í ¿äûÇÕ´Ï´Ù.
What is the name (including path) of file that contains the certificate?
Please enter the token name you used when creating CSR for this certificate. []
- ÇÊ¿äÇÑ Á¤º¸¸¦ ¸ðµÎ ÀÔ·ÂÇϽʽÿÀ.
ÀÎÁõ¼°¡ /etc/opt/SUNWps/cert/gateway-profile-name¿¡ ¼³Ä¡µÇ°í È¸é ¸Þ½ÃÁö°¡ ³ªÅ¸³³´Ï´Ù.
- ÀÎÁõ¼°¡ Àû¿ëµÇµµ·Ï °ÔÀÌÆ®¿þÀ̸¦ ´Ù½Ã ½ÃÀÛÇÕ´Ï´Ù.
gateway-install-root/SUNWps/bin/gateway -n gateway-profile-name start
ÀÎÁõ¼ »èÁ¦ÀÎÁõ¼ °ü¸® ½ºÅ©¸³Æ®¸¦ »ç¿ëÇϸé ÀÎÁõ¼¸¦ »èÁ¦ÇÒ ¼ö ÀÖ½À´Ï´Ù.
ÀÎÁõ¼¸¦ »èÁ¦ÇÏ·Á¸é
- ·çÆ®·Î¼ certadmin ½ºÅ©¸³Æ®¸¦ ½ÇÇàÇÕ´Ï´Ù.
¿©±â¼ gateway-profile-nameÀº °ÔÀÌÆ®¿þÀÌ ÀνºÅϽºÀÇ À̸§ÀÔ´Ï´Ù.
ÀÎÁõ¼ °ü¸® ¸Þ´º°¡ Ç¥½ÃµË´Ï´Ù.
1) Generate Self-Signed Certificate
2) Generate Certificate Signing Request (CSR)
3) Add Root CA Certificate
4) Install Certificate From Certificate Authority (CA)
5) Delete Certificate
6) Modify Trust Attributes of Certificate (e.g., for PDC)
7) List Root CA Certificates
8) List All Certificates
9) Print Certificate Content
10) Quit
choice: [10] 5
- ÀÎÁõ¼ °ü¸® ¸Þ´ºÀÇ ¿É¼Ç 5¸¦ ¼±ÅÃÇÕ´Ï´Ù.
- »èÁ¦ÇÒ ÀÎÁõ¼ÀÇ À̸§À» ÀÔ·ÂÇϽʽÿÀ.
ÀÎÁõ¼ÀÇ Æ®·¯½ºÆ® ¼Ó¼º ¼öÁ¤ÀÎÁõ¼ÀÇ Æ®·¯½ºÆ® ¼Ó¼ºÀ» ¼öÁ¤ÇØ¾ß ÇÏ´Â ÇÑ °æ¿ì´Â °ÔÀÌÆ®¿þÀÌ¿¡¼ Ŭ¶óÀ̾ðÆ® ÀÎÁõÀÌ »ç¿ëµÉ ¶§ÀÔ´Ï´Ù. Ŭ¶óÀ̾ðÆ® ÀÎÁõÀÇ ÇÑ ¿¹´Â PDC (Personal Digital Certificate)ÀÔ´Ï´Ù. PDC¸¦ ¹ß±ÞÇÏ´Â CA´Â °ÔÀÌÆ®¿þÀÌ¿¡ ÀÇÇØ ÀÎÁõµÇ¾î¾ß Çϸç CA ÀÎÁõ¼¿¡´Â SSL¿ëÀ¸·Î "T"¶ó°í Ç¥½ÃµÇ¾î ÀÖ¾î¾ß ÇÕ´Ï´Ù.
°ÔÀÌÆ®¿þÀÌ ±¸¼º ¿ä¼Ò°¡ HTTPS »çÀÌÆ®¿Í Åë½ÅÇϵµ·Ï ¼³Á¤µÈ °æ¿ì HTTPS »çÀÌÆ® ¼¹ö ÀÎÁõ¼ÀÇ CA´Â °ÔÀÌÆ®¿þÀÌ¿¡¼ ÀÎÁõµÇ¾î¾ß Çϸç CA ÀÎÁõ¼¿¡´Â SSL¿ëÀÇ "C" Ç¥½Ã°¡ ÀÖ¾î¾ß ÇÕ´Ï´Ù.
ÀÎÁõ¼ÀÇ Æ®·¯½ºÆ® ¼Ó¼ºÀ» ¼öÁ¤ÇÏ·Á¸é
- ·çÆ®·Î¼ certadmin ½ºÅ©¸³Æ®¸¦ ½ÇÇàÇÕ´Ï´Ù.
¿©±â¼ gateway-profile-nameÀº °ÔÀÌÆ®¿þÀÌ ÀνºÅϽºÀÇ À̸§ÀÔ´Ï´Ù.
ÀÎÁõ¼ °ü¸® ¸Þ´º°¡ Ç¥½ÃµË´Ï´Ù.
1) Generate Self-Signed Certificate
2) Generate Certificate Signing Request (CSR)
3) Add Root CA Certificate
4) Install Certificate From Certificate Authority (CA)
5) Delete Certificate
6) Modify Trust Attributes of Certificate (e.g., for PDC)
7) List Root CA Certificates
8) List All Certificates
9) Print Certificate Content
10) Quit
choice: [10] 6
- ÀÎÁõ¼ °ü¸® ¸Þ´ºÀÇ ¿É¼Ç 6¸¦ ¼±ÅÃÇÕ´Ï´Ù.
- ÀÎÁõ¼ÀÇ À̸§À» ÀÔ·ÂÇÕ´Ï´Ù. ¿¹¸¦ µé¾î, Thawte Personal Freemail C¿Í °°ÀÌ ÀÔ·ÂÇÏ¸é µË´Ï´Ù.
- ÀÎÁõ¼ÀÇ Æ®·¯½ºÆ® ¼Ó¼ºÀ» ÀÔ·ÂÇÕ´Ï´Ù.
ÀÎÁõ¼ Æ®·¯½ºÆ® ¼Ó¼ºÀÌ º¯°æµË´Ï´Ù.
·çÆ® CA ÀÎÁõ¼ ³ª¿ÀÎÁõ¼ °ü¸® ½ºÅ©¸³Æ®¸¦ »ç¿ëÇÏ¸é ¸ðµç ·çÆ® CA ÀÎÁõ¼¸¦ º¼ ¼ö ÀÖ½À´Ï´Ù.
·çÆ® CA ¸ñ·ÏÀ» º¸·Á¸é
- ·çÆ®·Î¼ certadmin ½ºÅ©¸³Æ®¸¦ ½ÇÇàÇÕ´Ï´Ù.
¿©±â¼ gateway-profile-nameÀº °ÔÀÌÆ®¿þÀÌ ÀνºÅϽºÀÇ À̸§ÀÔ´Ï´Ù.
ÀÎÁõ¼ °ü¸® ¸Þ´º°¡ Ç¥½ÃµË´Ï´Ù.
1) Generate Self-Signed Certificate
2) Generate Certificate Signing Request (CSR)
3) Add Root CA Certificate
4) Install Certificate From Certificate Authority (CA)
5) Delete Certificate
6) Modify Trust Attributes of Certificate (e.g., for PDC)
7) List Root CA Certificates
8) List All Certificates
9) Print Certificate Content
10) Quit
choice: [10] 7
- ÀÎÁõ¼ °ü¸® ¸Þ´ºÀÇ ¿É¼Ç 7¸¦ ¼±ÅÃÇÕ´Ï´Ù.
¸ðµç ·çÆ® CA ÀÎÁõ¼°¡ Ç¥½ÃµË´Ï´Ù.
¸ðµç ÀÎÁõ¼ ³ª¿ÀÎÁõ¼ °ü¸® ½ºÅ©¸³Æ®¸¦ »ç¿ëÇÏ¸é ¸ðµç ÀÎÁõ¼¿¡ ÇØ´çÇÏ´Â Æ®·¯½ºÆ® ¼Ó¼ºÀ» º¼ ¼ö ÀÖ½À´Ï´Ù.
¸ðµç ÀÎÁõ¼¸¦ ³ª¿ÇÏ·Á¸é
- ·çÆ®·Î¼ certadmin ½ºÅ©¸³Æ®¸¦ ½ÇÇàÇÕ´Ï´Ù.
¿©±â¼ gateway-profile-nameÀº °ÔÀÌÆ®¿þÀÌ ÀνºÅϽºÀÇ À̸§ÀÔ´Ï´Ù.
ÀÎÁõ¼ °ü¸® ¸Þ´º°¡ Ç¥½ÃµË´Ï´Ù.
1) Generate Self-Signed Certificate
2) Generate Certificate Signing Request (CSR)
3) Add Root CA Certificate
4) Install Certificate From Certificate Authority (CA)
5) Delete Certificate
6) Modify Trust Attributes of Certificate (e.g., for PDC)
7) List Root CA Certificates
8) List All Certificates
9) Print Certificate Content
10) Quit
choice: [10] 8
- ÀÎÁõ¼ °ü¸® ¸Þ´ºÀÇ ¿É¼Ç 8¸¦ ¼±ÅÃÇÕ´Ï´Ù.
¸ðµç CA ÀÎÁõ¼°¡ Ç¥½ÃµË´Ï´Ù.
ÀÎÁõ¼ ÀμâÀÎÁõ¼ °ü¸® ½ºÅ©¸³Æ®¸¦ »ç¿ëÇϸé ÀÎÁõ¼¸¦ ÀμâÇÒ ¼ö ÀÖ½À´Ï´Ù.
ÀÎÁõ¼¸¦ ÀμâÇÏ·Á¸é
- ·çÆ®·Î¼ certadmin ½ºÅ©¸³Æ®¸¦ ½ÇÇàÇÕ´Ï´Ù.
¿©±â¼ gateway-profile-nameÀº °ÔÀÌÆ®¿þÀÌ ÀνºÅϽºÀÇ À̸§ÀÔ´Ï´Ù.
ÀÎÁõ¼ °ü¸® ¸Þ´º°¡ Ç¥½ÃµË´Ï´Ù.
1) Generate Self-Signed Certificate
2) Generate Certificate Signing Request (CSR)
3) Add Root CA Certificate
4) Install Certificate From Certificate Authority (CA)
5) Delete Certificate
6) Modify Trust Attributes of Certificate (e.g., for PDC)
7) List Root CA Certificates
8) List All Certificates
9) Print Certificate Content
10) Quit
choice: [10] 9
- ÀÎÁõ¼ °ü¸® ¸Þ´ºÀÇ ¿É¼Ç 9¸¦ ¼±ÅÃÇÕ´Ï´Ù.
- ÀÎÁõ¼ÀÇ À̸§À» ÀÔ·ÂÇÕ´Ï´Ù.