Sun ONE Portal Server, Secure Remote Access 6.2 °ü¸®ÀÚ ¼³¸í¼ |
7 Àå
ÀÎÁõ¼ÀÌ Àå¿¡¼´Â ÀÎÁõ¼ °ü¸®¸¦ ¼³¸íÇϰí Á÷Á¢ ¼¸íÇÑ ÀÎÁõ¼¿Í ÀÎÁõ ±â°ü¿¡¼ ¹ÞÀº ÀÎÁõ¼¸¦ ¼³Ä¡ÇÏ´Â ¹æ¹ýÀ» ¾Ë¾Æº¾´Ï´Ù.
À̹ø Àå¿¡¼´Â ´ÙÀ½ ÁÖÁ¦¸¦ ´Ù·ì´Ï´Ù.
SSL ÀÎÁõ¼ÀÇ °³¿äSun¢â ONE Portal Server, Secure Remote Access ¼ÒÇÁÆ®¿þ¾î´Â ¿ø°Ý »ç¿ëÀÚ¸¦ ÀÎÁõ¼¿¡ ±â¹ÝÇÏ¿© ÀÎÁõÇÕ´Ï´Ù. Secure Remote Access´Â SSL (Secure Sockets Layer)¸¦ »ç¿ëÇÏ¿© º¸¾È Åë½ÅÀ» °¡´ÉÇÏ°Ô ÇÕ´Ï´Ù. SSL ÇÁ·ÎÅäÄÝÀ» µÎ ÄÄÇ»ÅÍ °£ º¸¾È Åë½ÅÀ» °¡´ÉÇϵµ·Ï ÇØÁÝ´Ï´Ù.
SSL ÀÎÁõ¼¿¡¼´Â °ø°³ Ű¿Í °³ÀΠŰ ½ÖÀ» »ç¿ëÇÏ¿© ¾ÏÈ£È ¹× ¾ÏÈ£ ÇØµ¶ ±â´ÉÀ» Á¦°øÇÕ´Ï´Ù.
ÀÎÁõ¼ À¯ÇüÀº 2°¡ÁöÀÔ´Ï´Ù.
±âº»ÀûÀ¸·Î °ÔÀÌÆ®¿þÀ̸¦ ¼³Ä¡ÇÒ ¶§´Â Á÷Á¢ ¼¸íÇÑ ÀÎÁõ¼°¡ »ý¼º ¹× ¼³Ä¡µË´Ï´Ù.
¼³Ä¡ÈÄ ¾ðÁ¦¶óµµ ÀÎÁõ¼¸¦ ¼³Ä¡, ½Àµæ ¶Ç´Â ±³Ã¼ÇÒ ¼ö ÀÖ½À´Ï´Ù.
Secure Remote Accessµµ °³ÀÎ µðÁöÅÐ ÀÎÁõ¼(PDC)¸¦ ÅëÇØ Ŭ¶óÀÌ¾ðÆ® ÀÎÁõÀ» Áö¿øÇÕ´Ï´Ù. PDC´Â SSL Ŭ¶óÀÌ¾ðÆ® ÀÎÁõÀ¸·Î »ç¿ëÀÚ¸¦ ÀÎÁõÇÏ´Â ¸ÞÄ¿´ÏÁòÀÔ´Ï´Ù. SSL Ŭ¶óÀÌ¾ðÆ® ÀÎÁõÀ» »ç¿ëÇϸé SSL ÇÚµå¼ÎÀÌÅ©°¡ °ÔÀÌÆ®¿þÀÌ¿¡¼ Á¾·áµË´Ï´Ù. °ÔÀÌÆ®¿þÀÌ´Â »ç¿ëÀÚÀÇ PDC¸¦ ÃßÃâÇÏ¿© ÀÎÁõµÈ ¼¹ö·Î Àü´ÞÇÕ´Ï´Ù. ±×·¯¸é ÀÌ ¼¹ö´Â PDC¸¦ »ç¿ëÇÏ¿© »ç¿ëÀÚ¸¦ ÀÎÁõÇÕ´Ï´Ù. ÀÎÁõ üÀΰú ÇÔ²² PDC¸¦ ±¸¼ºÇÏ·Á¸é "ÀÎÁõ üÀÌ´× »ç¿ë"À» ÂüÁ¶ÇϽʽÿÀ.
Secure Remote Access¿¡´Â SSL ÀÎÁõ¼¸¦ °ü¸®ÇÏ´Â µ¥ »ç¿ëÇÒ ¼ö ÀÖ´Â certadminÀ̶ó´Â µµ±¸°¡ ÀÖ½À´Ï´Ù. "certadmin ½ºÅ©¸³Æ®"À» ÂüÁ¶ÇϽʽÿÀ.
ÀÎÁõ¼ ÆÄÀÏÆÄÀϰú ¿¬°ü ÀÖ´Â ÀÎÁõ¼´Â /etc/opt/SUNWps/cert/default/gateway-profile-name¿¡ ÀÖ½À´Ï´Ù. ÀÌ µð·ºÅ丮¿¡´Â ±âº»ÀûÀ¸·Î ÆÄÀÏÀÌ 5°³ µé¾î ÀÖ½À´Ï´Ù.
Ç¥ 7-1 ¿¡´Â ÆÄÀϰú ÆÄÀÏ¿¡ ´ëÇÑ ¼³¸íÀÌ ³ª¿µÇ¾î ÀÖ½À´Ï´Ù. ù ¹øÂ° ¿¿¡´Â ÀÎÁõ¼ ÆÄÀÏ À̸§ÀÌ ³ª¿µÇ¾î ÀÖÀ¸¸ç µÎ ¹øÂ° ¿Àº ÆÄÀÏ Çü½ÄÀ» ÁöÁ¤ÇÏ°í ¼¼ ¹øÂ° ¿Àº ÆÄÀÏ¿¡ ´ëÇÑ ¼³¸íÀÔ´Ï´Ù.
ÀÎÁõ¼ Æ®·¯½ºÆ® ¼Ó¼ºÀÎÁõ¼ÀÇ Æ®·¯½ºÆ® ¼Ó¼ºÀº ´ÙÀ½À» Ç¥½ÃÇÕ´Ï´Ù.
°¢ ÀÎÁõ¼¿¡´Â "SSL, ÀüÀÚ ¸ÞÀÏ, °³Ã¼ ¼¸í" ¼ø¼·Î »ç¿ëÇÒ ¼ö ÀÖ´Â Æ®·¯½ºÆ® ¹üÁÖ°¡ 3°¡Áö ÀÖ½À´Ï´Ù. °ÔÀÌÆ®¿þÀÌ ±¸¼º ¿ä¼Ò¿¡´Â ù ¹øÂ° ¹üÁÖ¸¸ »ç¿ëÇÒ ¼ö ÀÖ½À´Ï´Ù. °¢ ¹üÁÖ À§Ä¡¿¡¼ Æ®·¯½ºÆ® ¼Ó¼º Äڵ尡 »ç¿ëµÇÁö ¾ÊÀ» ¼öµµ ÀÖ°í ¸¹ÀÌ »ç¿ëµÇ±âµµ ÇÕ´Ï´Ù.
¹üÁÖ¿¡ ´ëÇÑ ¼Ó¼º ÄÚµå´Â ½°Ç¥·Î ºÐ¸®µÇ¸ç Àüü ¼Ó¼º ÁýÇÕÀº µû¿ÈÇ¥·Î ¹ÀÔ´Ï´Ù. ¿¹¸¦ µé¾î, °ÔÀÌÆ®¿þÀÌ ¼³Ä¡ ½Ã »ý¼º ¹× ¼³Ä¡µÈ Á÷Á¢ ¼¸íÇÑ ÀÎÁõ¼´Â "u,u,u"·Î Ç¥½ÃµÇ´Â µ¥ ÀÌ´Â ·çÆ® CA ÀÎÁõ¼¿Í´Â ¹Ý´ë·Î ¼¹ö ÀÎÁõ¼(»ç¿ëÀÚ ÀÎÁõ¼)ÀÓÀ» ÀǹÌÇÕ´Ï´Ù.
Ç¥ 7-2 ¿¡´Â °¡´ÉÇÑ ¼Ó¼º °ª°ú °¢ °ªÀÇ Àǹ̰¡ ³ª¿µÇ¾î ÀÖ½À´Ï´Ù. ù ¹øÂ° ¿¿¡´Â ¼Ó¼ºÀÌ ³ª¿µÇ¾î ÀÖÀ¸¸ç µÎ ¹øÂ° ¿Àº ¼Ó¼º¿¡ ´ëÇØ ¼³¸íÇÕ´Ï´Ù.
CA Æ®·¯½ºÆ® ¼Ó¼ºÀß ¾Ë·ÁÁø °øÀÎ CA´Â ´ëºÎºÐ ÀÎÁõ¼ µ¥ÀÌÅͺ£À̽º¿¡ µé¾î ÀÖ½À´Ï´Ù. °øÀÎ CAÀÇ Æ®·¯½ºÆ® ¼Ó¼ºÀ» ¼öÁ¤ÇÏ´Â µ¥ ´ëÇÑ ³»¿ëÀº "ÀÎÁõ¼ÀÇ Æ®·¯½ºÆ® ¼Ó¼º ¼öÁ¤"À» ÂüÁ¶ÇϽʽÿÀ.
Ç¥ 7-3 ¿¡´Â Æ®·¯½ºÆ® ¼Ó¼ºÀÌ ÀÖ´Â °¡Àå ÀϹÝÀûÀÎ ÀÎÁõ ±â°üÀÌ ³ª¿µÇ¾î ÀÖ½À´Ï´Ù. ù ¹øÂ° ¿¿¡´Â ÀÎÁõ ±â°üÀÌ ³ª¿µÇ¾î ÀÖÀ¸¸ç µÎ ¹øÂ° ¿¿¡´Â °¢ CAÀÇ Æ®·¯½ºÆ® ¼Ó¼ºÀÌ ³ª¿µÇ¾î ÀÖ½À´Ï´Ù.
certadmin ½ºÅ©¸³Æ®´ÙÀ½°ú °°Àº ÀÎÁõ¼ °ü¸® ÀÛ¾÷¿¡ certadmin ½ºÅ©¸³Æ®¸¦ »ç¿ëÇÒ ¼ö ÀÖ½À´Ï´Ù.
Á÷Á¢ ¼¸íÇÑ ÀÎÁõ¼ »ý¼º°¢ ¼¹ö¿Í °ÔÀÌÆ®¿þÀÌ ±¸¼º ¿ä¼Ò »çÀÌÀÇ SSL Åë½ÅÀ» À§ÇØ ¼´Â ÀÎÁõ¼¸¦ »ý¼ºÇØ¾ß ÇÕ´Ï´Ù.
¼³Ä¡ ÈÄ Á÷Á¢ ¼¸íÇÑ ÀÎÁõ¼¸¦ »ý¼ºÇÏ·Á¸é
- ·çÆ®·Î¼ ÀÎÁõ¼¸¦ »ý¼ºÇϰíÀÚ ÇÏ´Â °ÔÀÌÆ®¿þÀÌ ÄÄÇ»ÅÍ¿¡ certadmin ½ºÅ©¸³Æ®¸¦ ½ÇÇàÇÕ´Ï´Ù.
portal-server-install-root/SUNWps/bin/certadmin -n gateway-profile-name
ÀÎÁõ¼ °ü¸® ¸Þ´º°¡ Ç¥½ÃµË´Ï´Ù.
- ÀÎÁõ¼ °ü¸® ¸Þ´ºÀÇ ¿É¼Ç 1¸¦ ¼±ÅÃÇÕ´Ï´Ù.
ÀÎÁõ¼ °ü¸® ½ºÅ©¸³Æ®¿¡¼ ±âÁ¸ µ¥ÀÌÅͺ£À̽º ÆÄÀÏÀ» À¯ÁöÇÒ °ÍÀÎÁö ¹¯½À´Ï´Ù.
- Á¶Á÷º° Á¤º¸, ÅäÅ« À̸§ ¹× ÀÎÁõ¼ À̸§À» ÀÔ·ÂÇÕ´Ï´Ù.
What is the fully-qualified DNS name of this host? [host_name.domain_name]
What is the name of your organization (ex: Company)? []
What is the name of your organizational unit (ex: division)? []
What is the name of your City or Locality? []
What is the name (no abbreviation please) of your State or Province? []
What is the two-letter country code for this unit? []
ÅäÅ« À̸§Àº ¿¹¸¦ µé¾î ¾ÏÈ£ Ä«µå¸¦ »ç¿ëÇÏ·Á´Â °æ¿ì¿Í °°ÀÌ ±âº» ³»ºÎ(¼ÒÇÁÆ®¿þ¾î) ¾ÏÈ£È ¸ðµâÀ» »ç¿ëÇÏÁö ¾Ê´Â °æ¿ì¿¡¸¸ ÇÊ¿äÇÕ´Ï´Ù(ÅäÅ« À̸§Àº ´ÙÀ½À» »ç¿ëÇÏ¿© ³ª¿ÇÒ ¼ö ÀÖ½À´Ï´Ù. modutil -dbdir /etc/opt/SUNWps/cert/gateway-profile-name -list). ±×·¸Áö ¾ÊÀº °æ¿ì´Â ¾Æ·¡ Enter¸¦ ´©¸¨´Ï´Ù.
Please enter the token name. []
Enter the name you like for this certificate?
Enter the validity period for the certificate (months) [6]
A self-signed certificate is generated and the prompt returns.
ÅäÅ« À̸§(±âº»ÀûÀ¸·Î´Â ºñ¾î ÀÖÀ½)°ú ÀÎÁõ¼ À̸§Àº /etc/opt/SUNWps/cert/gateway-profile-name ¿¡ ÀÖ´Â .nickname ÆÄÀÏ¿¡ ÀúÀåµË´Ï´Ù.
- ÀÎÁõ¼°¡ Àû¿ëµÇµµ·Ï °ÔÀÌÆ®¿þÀ̸¦ ´Ù½Ã ½ÃÀÛÇÕ´Ï´Ù.
gateway-install-root/SUNWps/bin/gateway -n new gateway-profile-name start
ÀÎÁõ¼ ¼¸í ¿äû(CSR) »ý¼ºCA·ÎºÎÅÍ ÀÎÁõ¼¸¦ ÁÖ¹®Çϱâ Àü¿¡ CA¿¡¼ ¿ä±¸ÇÏ´Â Á¤º¸°¡ µé¾î ÀÖ´Â ÀÎÁõ¼ ¼¸í ¿äûÀ» ¸¸µé¾î¾ß ÇÕ´Ï´Ù.
CSRÀ» »ý¼ºÇÏ·Á¸é
- ·çÆ®·Î¼ certadmin ½ºÅ©¸³Æ®¸¦ ½ÇÇàÇÕ´Ï´Ù.
portal-server-install-root/SUNWps/bin/certadmin -n gateway-profile-name
ÀÎÁõ¼ °ü¸® ¸Þ´º°¡ Ç¥½ÃµË´Ï´Ù.
1) Generate Self-Signed Certificate
2) Generate Certificate Signing Request (CSR)
3) Add Root CA Certificate
4) Install Certificate From Certificate Authority (CA)
5) Delete Certificate
6) Modify Trust Attributes of Certificate (e.g., for PDC)
7) List Root CA Certificates
8) List All Certificates
9) Print Certificate Content
10) Quit
choice: [10] 2
- ÀÎÁõ¼ °ü¸® ¸Þ´ºÀÇ ¿É¼Ç 2¸¦ ¼±ÅÃÇÕ´Ï´Ù.
½ºÅ©¸³Æ®¿¡¼ Á¶Á÷º° Á¤º¸, ÅäÅ« À̸§ ¹× À¥ ¸¶½ºÅÍÀÇ ÀüÀÚ ¸ÞÀϰú ÀüÈ ¹øÈ£¸¦ ÀÔ·ÂÇ϶ó´Â ¸Þ½ÃÁö¸¦ Ç¥½ÃÇÕ´Ï´Ù.
È£½ºÆ®ÀÇ ¿ÏÀüÇÑ Á¤±Ô DNS À̸§À» ¹Ýµå½Ã ÁöÁ¤ÇØ¾ß ÇÕ´Ï´Ù.
What is the fully-qualified DNS name of this host? [snape.sesta.com]
What is the name of your organization (ex: Company)? []
What is the name of your organizational unit (ex: division)? []
What is the name of your City or Locality? []
What is the name (no abbreviation please) of your State or Province? []
What is the two-letter country code for this unit? []
ÅäÅ« À̸§Àº ¿¹¸¦ µé¾î ¾ÏÈ£ Ä«µå¸¦ »ç¿ëÇÏ·Á´Â °æ¿ì¿Í °°ÀÌ ±âº» ³»ºÎ(¼ÒÇÁÆ®¿þ¾î) ¾ÏÈ£È ¸ðµâÀ» »ç¿ëÇÏÁö ¾Ê´Â °æ¿ì¿¡¸¸ ÇÊ¿äÇÕ´Ï´Ù(ÅäÅ« À̸§Àº ´ÙÀ½À» »ç¿ëÇÏ¿© ³ª¿ÇÒ ¼ö ÀÖ½À´Ï´Ù. modutil -dbdir /etc/opt/SUNWps/cert -list). ±×·¸Áö ¾ÊÀº °æ¿ì´Â ¾Æ·¡ Enter¸¦ ´©¸¨´Ï´Ù.
Please enter the token name []
Now input some contact information for the webmaster of the machine that the certificate is to be generated for.
What is the email address of the admin/webmaster for this server [] ?
What is the phone number of the admin/webmaster for this server [] ?
- ÇÊ¿äÇÑ Á¤º¸¸¦ ¸ðµÎ ÀÔ·ÂÇϽʽÿÀ.
CSRÀÌ »ý¼ºµÇ¾î portal-server-install-root/SUNWps/bin/csr.hostname.datetimestamp ÆÄÀÏ¿¡ ÀúÀåµË´Ï´Ù. CSRÀº ȸ鿡µµ ÀμâµË´Ï´Ù. CA·ÎºÎÅÍ ÀÎÁõ¼¸¦ ÁÖ¹®ÇÒ ¶§ CSRÀ» Á÷Á¢ º¹»çÇÑ ÈÄ ºÙ¿©³ÖÀ» ¼ö ÀÖ½À´Ï´Ù.
·çÆ® CA ÀÎÁõ¼ Ãß°¡Å¬¶óÀÌ¾ðÆ® »çÀÌÆ®¿¡¼ °ÔÀÌÆ®¿þÀÌ ÀÎÁõ¼ µ¥ÀÌÅͺ£À̽º¿¡ ¾Ë·ÁÁöÁö ¾ÊÀº CA¿¡¼ ¼¸íÇÑ ÀÎÁõ¼¸¦ Á¦½ÃÇϸé SSL ÇÚµå¼ÎÀÌÅ©°¡ ½ÇÆÐÇÕ´Ï´Ù.
À̸¦ ¹æÁöÇÏ·Á¸é ·çÆ® CA ÀÎÁõ¼¸¦ ÀÎÁõ¼ µ¥ÀÌÅͺ£À̽º¿¡ Ãß°¡ÇØ¾ß ÇÕ´Ï´Ù. ±×·¯¸é °ÔÀÌÆ®¿þÀÌ¿¡¼ CA¸¦ ÀνÄÇÒ ¼ö ÀÖ°Ô µË´Ï´Ù.
CAÀÇ À¥ »çÀÌÆ®¸¦ ã¾Æ¼ ÇØ´ç CA¿¡ ´ëÇÑ ·çÆ® ÀÎÁõ¼¸¦ ¾òÀ¸½Ê½Ã¿À. certadmin ½ºÅ©¸³Æ®¸¦ »ç¿ëÇÒ ¶§ ÆÄÀÏ À̸§°ú ·çÆ® CA ÀÎÁõ¼ÀÇ °æ·Î¸¦ ÁöÁ¤ÇÕ´Ï´Ù.
·çÆ® CA ÀÎÁõ¼¸¦ Ãß°¡ÇÏ·Á¸é
- ·çÆ®·Î¼ certadmin ½ºÅ©¸³Æ®¸¦ ½ÇÇàÇÕ´Ï´Ù.
portal-server-install-root/SUNWps/bin/certadmin -n gateway-profile-name
ÀÎÁõ¼ °ü¸® ¸Þ´º°¡ Ç¥½ÃµË´Ï´Ù.
1) Generate Self-Signed Certificate
2) Generate Certificate Signing Request (CSR)
3) Add Root CA Certificate
4) Install Certificate From Certificate Authority (CA)
5) Delete Certificate
6) Modify Trust Attributes of Certificate (e.g., for PDC)
7) List Root CA Certificates
8) List All Certificates
9) Print Certificate Content
10) Quit
choice: [10] 3
- ÀÎÁõ¼ °ü¸® ¸Þ´ºÀÇ ¿É¼Ç 3¸¦ ¼±ÅÃÇÕ´Ï´Ù.
- ·çÆ® ÀÎÁõ¼°¡ µé¾î ÀÖ´Â ÆÄÀÏ À̸§À» ÀÔ·ÂÇÑ ´ÙÀ½ ÀÎÁõ¼ À̸§À» ÀÔ·ÂÇÕ´Ï´Ù.
±×·¯¸é ·çÆ® CA ÀÎÁõ¼°¡ ÀÎÁõ¼ µ¥ÀÌÅͺ£À̽º¿¡ Ãß°¡µË´Ï´Ù.
ÀÎÁõ ±â°üÀ¸·ÎºÎÅÍ SSL ÀÎÁõ¼ ¼³Ä¡Secure Remote AccessÀÇ °ÔÀÌÆ®¿þÀÌ ±¸¼º ¿ä¼Ò¸¦ ¼³Ä¡ÇÏ´Â µ¿¾È Á÷Á¢ ¼¸íÇÑ ÀÎÁõ¼°¡ ±âº»ÀûÀ¸·Î ¸¸µé¾îÁ® ¼³Ä¡µË´Ï´Ù. ¼³Ä¡ ÈÄ ¾ðÁ¦¶óµµ °ø½Ä ÀÎÁõ ±â°ü(CA) ¼ºñ½º¸¦ Á¦°øÇÏ´Â º¥´õ³ª ±â¾÷ CA¿¡ ÀÇÇØ ¼¸íµÈ SSL ÀÎÁõ¼¸¦ ¼³Ä¡ÇÒ ¼ö ÀÖ½À´Ï´Ù.
ÀÌ ÀÛ¾÷Àº ´ÙÀ½°ú °°Àº 3´Ü°è·Î ÀÌ·ç¾îÁý´Ï´Ù.
CA·ÎºÎÅÍ ÀÎÁõ¼ ÁÖ¹®
ÀÎÁõ¼ ¼¸í ¿äû(CSR)À» ¸¸µé¾úÀ¸¸é CSRÀ» »ç¿ëÇÏ¿© CA·ÎºÎÅÍ ÀÎÁõ¼¸¦ ÁÖ¹®ÇØ¾ß ÇÕ´Ï´Ù.
CA·ÎºÎÅÍ ÀÎÁõ¼¸¦ ÁÖ¹®ÇÏ·Á¸é
- ÀÎÁõ ±â°üÀÇ À¥ »çÀÌÆ®·Î °¡¼ ÀÎÁõ¼¸¦ ÁÖ¹®ÇÕ´Ï´Ù.
- CAÀÇ ¿äû¿¡ µû¶ó CSRÀ» Á¦°øÇÕ´Ï´Ù. CAÀÇ ¿äû¿¡ µû¶ó ±âŸ Á¤º¸µµ Á¦°øÇÕ´Ï´Ù.
±×·¯¸é CA·ÎºÎÅÍ ÀÎÁõ¼¸¦ ¹Þ°Ô µË´Ï´Ù. ÀÎÁõ¼¸¦ ÆÄÀÏ¿¡ ÀúÀåÇÕ´Ï´Ù. ÆÄÀÏ¿¡ ÀÎÁõ¼¿Í ÇÔ²² "BEGIN CERTIFICATE" ¹× "END CERTIFICATE" ¶óÀÎÀ» Æ÷ÇÔ½Ãŵ´Ï´Ù.
´ÙÀ½ ¿¹Á¦¿¡¼´Â ½ÇÁ¦ ÀÎÁõ¼ µ¥ÀÌÅ͸¦ »ý·«ÇÏ¿´½À´Ï´Ù.
CA·ÎºÎÅÍ ¹ÞÀº ÀÎÁõ¼ ¼³Ä¡
certadmin ½ºÅ©¸³Æ®¸¦ »ç¿ëÇÏ¿© CA·ÎºÎÅÍ ¹ÞÀº ÀÎÁõ¼¸¦ /etc/opt/SUNWps/cert/gateway-profile-nameÀÇ ·ÎÄà µ¥ÀÌÅͺ£À̽º ÆÄÀÏ¿¡ ¼³Ä¡ÇÕ´Ï´Ù.
CA·ÎºÎÅÍ ¹ÞÀº ÀÎÁõ¼¸¦ ¼³Ä¡ÇÏ·Á¸é
- ·çÆ®·Î¼ certadmin ½ºÅ©¸³Æ®¸¦ ½ÇÇàÇÕ´Ï´Ù.
portal-server-install-root/SUNWps/bin/certadmin -n gateway-profile-name
ÀÎÁõ¼ °ü¸® ¸Þ´º°¡ Ç¥½ÃµË´Ï´Ù.
1) Generate Self-Signed Certificate
2) Generate Certificate Signing Request (CSR)
3) Add Root CA Certificate
4) Install Certificate From Certificate Authority (CA)
5) Delete Certificate
6) Modify Trust Attributes of Certificate (e.g., for PDC)
7) List Root CA Certificates
8) List All Certificates
9) Print Certificate Content
10) Quit
choice: [10] 4
- ÀÎÁõ¼ °ü¸® ¸Þ´ºÀÇ ¿É¼Ç 4¸¦ ¼±ÅÃÇÕ´Ï´Ù.
½ºÅ©¸³Æ®¿¡¼ ÀÎÁõ¼ ÆÄÀÏ À̸§, ÀÎÁõ¼ À̸§ ¹× ÅäÅ« À̸§À» ÀÔ·ÂÇ϶ó°í ¿äûÇÕ´Ï´Ù.
What is the name (including path) of file that contains the certificate?
Please enter the token name you used when creating CSR for this certificate. []
- ÇÊ¿äÇÑ Á¤º¸¸¦ ¸ðµÎ ÀÔ·ÂÇϽʽÿÀ.
ÀÎÁõ¼°¡ /etc/opt/SUNWps/cert/gateway-profile-name¿¡ ¼³Ä¡µÇ°í È¸é ¸Þ½ÃÁö°¡ ³ªÅ¸³³´Ï´Ù.
- ÀÎÁõ¼°¡ Àû¿ëµÇµµ·Ï °ÔÀÌÆ®¿þÀ̸¦ ´Ù½Ã ½ÃÀÛÇÕ´Ï´Ù.
gateway-install-root/SUNWps/bin/gateway -n gateway-profile-name start
ÀÎÁõ¼ »èÁ¦ÀÎÁõ¼ °ü¸® ½ºÅ©¸³Æ®¸¦ »ç¿ëÇϸé ÀÎÁõ¼¸¦ »èÁ¦ÇÒ ¼ö ÀÖ½À´Ï´Ù.
ÀÎÁõ¼¸¦ »èÁ¦ÇÏ·Á¸é
- ·çÆ®·Î¼ certadmin ½ºÅ©¸³Æ®¸¦ ½ÇÇàÇÕ´Ï´Ù.
¿©±â¼ gateway-profile-nameÀº °ÔÀÌÆ®¿þÀÌ ÀνºÅϽºÀÇ À̸§ÀÔ´Ï´Ù.
ÀÎÁõ¼ °ü¸® ¸Þ´º°¡ Ç¥½ÃµË´Ï´Ù.
1) Generate Self-Signed Certificate
2) Generate Certificate Signing Request (CSR)
3) Add Root CA Certificate
4) Install Certificate From Certificate Authority (CA)
5) Delete Certificate
6) Modify Trust Attributes of Certificate (e.g., for PDC)
7) List Root CA Certificates
8) List All Certificates
9) Print Certificate Content
10) Quit
choice: [10] 5
- ÀÎÁõ¼ °ü¸® ¸Þ´ºÀÇ ¿É¼Ç 5¸¦ ¼±ÅÃÇÕ´Ï´Ù.
- »èÁ¦ÇÒ ÀÎÁõ¼ÀÇ À̸§À» ÀÔ·ÂÇϽʽÿÀ.
ÀÎÁõ¼ÀÇ Æ®·¯½ºÆ® ¼Ó¼º ¼öÁ¤ÀÎÁõ¼ÀÇ Æ®·¯½ºÆ® ¼Ó¼ºÀ» ¼öÁ¤ÇØ¾ß ÇÏ´Â ÇÑ °æ¿ì´Â °ÔÀÌÆ®¿þÀÌ¿¡¼ Ŭ¶óÀÌ¾ðÆ® ÀÎÁõÀÌ »ç¿ëµÉ ¶§ÀÔ´Ï´Ù. Ŭ¶óÀÌ¾ðÆ® ÀÎÁõÀÇ ÇÑ ¿¹´Â PDC (Personal Digital Certificate)ÀÔ´Ï´Ù. PDC¸¦ ¹ß±ÞÇÏ´Â CA´Â °ÔÀÌÆ®¿þÀÌ¿¡ ÀÇÇØ ÀÎÁõµÇ¾î¾ß Çϸç CA ÀÎÁõ¼¿¡´Â SSL¿ëÀ¸·Î "T"¶ó°í Ç¥½ÃµÇ¾î ÀÖ¾î¾ß ÇÕ´Ï´Ù.
°ÔÀÌÆ®¿þÀÌ ±¸¼º ¿ä¼Ò°¡ HTTPS »çÀÌÆ®¿Í Åë½ÅÇϵµ·Ï ¼³Á¤µÈ °æ¿ì HTTPS »çÀÌÆ® ¼¹ö ÀÎÁõ¼ÀÇ CA´Â °ÔÀÌÆ®¿þÀÌ¿¡ ÀÇÇØ ÀÎÁõµÇ¾î¾ß Çϸç CA ÀÎÁõ¼¿¡´Â SSL¿ëÀ¸·Î "C"¶ó°í Ç¥½ÃµÇ¾î ÀÖ¾î¾ß ÇÕ´Ï´Ù.
ÀÎÁõ¼ÀÇ Æ®·¯½ºÆ® ¼Ó¼ºÀ» ¼öÁ¤ÇÏ·Á¸é
- ·çÆ®·Î¼ certadmin ½ºÅ©¸³Æ®¸¦ ½ÇÇàÇÕ´Ï´Ù.
¿©±â¼ gateway-profile-nameÀº °ÔÀÌÆ®¿þÀÌ ÀνºÅϽºÀÇ À̸§ÀÔ´Ï´Ù.
ÀÎÁõ¼ °ü¸® ¸Þ´º°¡ Ç¥½ÃµË´Ï´Ù.
1) Generate Self-Signed Certificate
2) Generate Certificate Signing Request (CSR)
3) Add Root CA Certificate
4) Install Certificate From Certificate Authority (CA)
5) Delete Certificate
6) Modify Trust Attributes of Certificate (e.g., for PDC)
7) List Root CA Certificates
8) List All Certificates
9) Print Certificate Content
10) Quit
choice: [10] 6
- ÀÎÁõ¼ °ü¸® ¸Þ´ºÀÇ ¿É¼Ç 6¸¦ ¼±ÅÃÇÕ´Ï´Ù.
- ÀÎÁõ¼ÀÇ À̸§À» ÀÔ·ÂÇÕ´Ï´Ù. ¿¹¸¦ µé¾î, Thawte Personal Freemail C¿Í °°ÀÌ ÀÔ·ÂÇÏ¸é µË´Ï´Ù.
- ÀÎÁõ¼ÀÇ Æ®·¯½ºÆ® ¼Ó¼ºÀ» ÀÔ·ÂÇÕ´Ï´Ù.
ÀÎÁõ¼ Æ®·¯½ºÆ® ¼Ó¼ºÀÌ º¯°æµË´Ï´Ù.
·çÆ® CA ÀÎÁõ¼ ³ª¿ÀÎÁõ¼ °ü¸® ½ºÅ©¸³Æ®¸¦ »ç¿ëÇÏ¸é ¸ðµç ·çÆ® CA ÀÎÁõ¼¸¦ º¼ ¼ö ÀÖ½À´Ï´Ù.
·çÆ® CA ¸ñ·ÏÀ» º¸·Á¸é
- ·çÆ®·Î¼ certadmin ½ºÅ©¸³Æ®¸¦ ½ÇÇàÇÕ´Ï´Ù.
¿©±â¼ gateway-profile-nameÀº °ÔÀÌÆ®¿þÀÌ ÀνºÅϽºÀÇ À̸§ÀÔ´Ï´Ù.
ÀÎÁõ¼ °ü¸® ¸Þ´º°¡ Ç¥½ÃµË´Ï´Ù.
1) Generate Self-Signed Certificate
2) Generate Certificate Signing Request (CSR)
3) Add Root CA Certificate
4) Install Certificate From Certificate Authority (CA)
5) Delete Certificate
6) Modify Trust Attributes of Certificate (e.g., for PDC)
7) List Root CA Certificates
8) List All Certificates
9) Print Certificate Content
10) Quit
choice: [10] 7
- ÀÎÁõ¼ °ü¸® ¸Þ´ºÀÇ ¿É¼Ç 7¸¦ ¼±ÅÃÇÕ´Ï´Ù.
¸ðµç ·çÆ® CA ÀÎÁõ¼°¡ Ç¥½ÃµË´Ï´Ù.
¸ðµç ÀÎÁõ¼ ³ª¿ÀÎÁõ¼ °ü¸® ½ºÅ©¸³Æ®¸¦ »ç¿ëÇÏ¸é ¸ðµç ÀÎÁõ¼¿Í »óÀÀÇÏ´Â Æ®·¯½ºÆ® ¼Ó¼ºÀ» º¼ ¼ö ÀÖ½À´Ï´Ù.
¸ðµç ÀÎÁõ¼¸¦ ³ª¿ÇÏ·Á¸é
- ·çÆ®·Î¼ certadmin ½ºÅ©¸³Æ®¸¦ ½ÇÇàÇÕ´Ï´Ù.
¿©±â¼ gateway-profile-nameÀº °ÔÀÌÆ®¿þÀÌ ÀνºÅϽºÀÇ À̸§ÀÔ´Ï´Ù.
ÀÎÁõ¼ °ü¸® ¸Þ´º°¡ Ç¥½ÃµË´Ï´Ù.
1) Generate Self-Signed Certificate
2) Generate Certificate Signing Request (CSR)
3) Add Root CA Certificate
4) Install Certificate From Certificate Authority (CA)
5) Delete Certificate
6) Modify Trust Attributes of Certificate (e.g., for PDC)
7) List Root CA Certificates
8) List All Certificates
9) Print Certificate Content
10) Quit
choice: [10] 8
- ÀÎÁõ¼ °ü¸® ¸Þ´ºÀÇ ¿É¼Ç 8¸¦ ¼±ÅÃÇÕ´Ï´Ù.
¸ðµç CA ÀÎÁõ¼°¡ Ç¥½ÃµË´Ï´Ù.
ÀÎÁõ¼ ÀμâÀÎÁõ¼ °ü¸® ½ºÅ©¸³Æ®¸¦ »ç¿ëÇϸé ÀÎÁõ¼¸¦ ÀμâÇÒ ¼ö ÀÖ½À´Ï´Ù.
ÀÎÁõ¼¸¦ ÀμâÇÏ·Á¸é
- ·çÆ®·Î¼ certadmin ½ºÅ©¸³Æ®¸¦ ½ÇÇàÇÕ´Ï´Ù.
¿©±â¼ gateway-profile-nameÀº °ÔÀÌÆ®¿þÀÌ ÀνºÅϽºÀÇ À̸§ÀÔ´Ï´Ù.
ÀÎÁõ¼ °ü¸® ¸Þ´º°¡ Ç¥½ÃµË´Ï´Ù.
1) Generate Self-Signed Certificate
2) Generate Certificate Signing Request (CSR)
3) Add Root CA Certificate
4) Install Certificate From Certificate Authority (CA)
5) Delete Certificate
6) Modify Trust Attributes of Certificate (e.g., for PDC)
7) List Root CA Certificates
8) List All Certificates
9) Print Certificate Content
10) Quit
choice: [10] 9
- ÀÎÁõ¼ °ü¸® ¸Þ´ºÀÇ ¿É¼Ç 9¸¦ ¼±ÅÃÇÕ´Ï´Ù.
- ÀÎÁõ¼ÀÇ À̸§À» ÀÔ·ÂÇÕ´Ï´Ù.