test

Sun WebServer 2.1 Installation Guide

Installing Site Credentials

To Install Site Credentials on a Sun WebServer Machine

  1. Copy the directories where the site's credentials are stored to the Sun WebServer machine.

    If the Root CA machine and the Sun WebServer machine are the same, skip this step.

    You can move the directory to a floppy disk or other portable medium, or you can share the directory with the Sun WebServer machine over NFS.

    In either case, copy the directory you specified for the output of sslgencrd and all of its subdirectories. The directory should contain:

    • certs/IP_Address.CERT

    • keypkgs/IP_Address.KEYPKG

    where IP_Address is the address used by the web site.

    Note -

    The SSL script setup_creds has been renamed to sslgencrd.

  2. As root on the Sun WebServer machine, run /usr/http/bin/sslstore.

    Note -

    The SSL script install_certs has been renamed to sslstore.

    You will need to specify the path to the credentials, the IP address of the web site, and the user ID (uid) of the Sun WebServer process. For example 


    # /usr/http/bin/sslstore -p /floppy/cert_floppy -i \
121.122.123.12 0

    Valid options are:

    -c

    Indicates reinstallation of local certificate. This option replaces a third party certificate with the original self-signed certificate. The self-signed certificate created with sslgencrd from the credentials directory should be preserved. The same credentials directory is specified again in the -p option.

    Note -

    It is recommended that you save third party certificates received from a CA in a file because they cannot be recovered after they have been removed with the -c option.

    -i IP_Address

    Specifies the IP address of the web site for which credentials are being created.

    uid

    User ID under which the web server process runs. Default uid is 0.

    -p path

    Certificates directory.

  3. Enter the key package password for this web site.

    This is the password specified in step Step 8 in "Creating Credentials". 


    /usr/bin/skilogin: Enter host key package password

    The credentials are now stored on the Sun WebServer machine. Follow the next procedure to configure the web site to use SSL.