Sharing the Point

Office 365, SharePoint, Project Server – Support Blog

Archive for October, 2010

How to Create a IIS 7 Web Server Certificate Signing Request (CSR)

Posted by Ashraf on October 25, 2010

Consider: Windows Server, IIS 7.5

To create a certificate signing request from iis please follow these instructions:

  • Enter the information according to your need. And Click, Next
web server certificate Request

web server certificate Request

Note: Common name must be the same name of the domain or host you are going to implement certificate

  • Select Cryptography service provider and bit length, leave this value as default. Click, Next
Cryptography service provider and bit length

Cryptography service provider and bit length

  • Save your request to a text file and send it to the certificate authority (CA) for issuing you a certificate.
Save your request as txt file

Save your request as txt file

  • Click Finish.
Advertisements

Posted in System Administration, Windows Server | Tagged: , , , , , | Comments Off on How to Create a IIS 7 Web Server Certificate Signing Request (CSR)

Generate a Certificate Signing Request (CSR) for Tomcat with Keytool

Posted by Ashraf on October 24, 2010

To generate a Certificate Signing Request (CSR), perform the following steps:

Consider: Jdk1.6 and Windows Server with Tomcat 6.0

1. Create a certificate keystore and private key with the following command:

  1. i. C:\Program Files\Java\javaversionhere\bin>keytool -genkey -alias your_alaias_name -keyalg RSA -keystore your_keystore_filename
  2. ii. Specify the password – must be at least 6 characters long, and MUST be remembered.

2. You must input the following:
* What is your first and last name? *This is the Common Name Field – The Fully Qualified Domain Name MUST be entered here*
[Unknown]: http://www.yourdomain.com
* What is the name of your organizational unit?
[Global Sign]: IT
* What is the name of your organization?
[Global Sign]: MyOrganization
* What is the name of your City or Locality?
[London]:PARIS
* What is the name of your State or Province?
[London]: PARIS
* What is the two-letter country code for this unit?
[GB]: FR
* Is CN=www.yourdomain.com, OU=IT, O=MyOrganization, L=PARIS, ST=PARIS, C=FR correct?
[no]: yes
* Enter key password for
(RETURN if same as keystore password):

3. Create the Certificate Signing Request file with the following command:

  1. C:\Program Files\Java\javaversionhere\bin>keytool -certreq -keyalg RSA -alias your_alias_name -file certreq.csr -keystore your_keystore_filename
  2. Enter keystore password: your_password_here
  3. The certreq.txt file will now be generated – this file can be entered into the website. Insure to include:
    * —–BEGIN NEW CERTIFICATE REQUEST—–
    * —–END NEW CERTIFICATE REQUEST—–

Posted in System Administration, Windows Server | Tagged: , , , , | 3 Comments »

SSL Certificate Installation in Tomcat Web Server

Posted by Ashraf on October 24, 2010

NOTE: The certificate must be installed to the same keystore that was used to generate your CSR. If you try to install it to a different keystore it will not work.

Installing The Certificates to the Keystore

1. Download your SSL Certificate file (example: mycertificate.p7b) from your certificate authority Account to the directory where your keystore was saved during the CSR creation process.

2.Type the following command to install the certificate file to your keystore:

keytool -import -trustcacerts -alias tomcat -file mycertificate.p7b -keystore .keystore

You should get a confirmation stating that the “Certificate reply was installed in keystore”

If it asks if you want to trust the certificate. Choose y or yes.

Your keystore file (.keystore) is now ready to use on your Tomcat Server and you just need to configure your server to use it.

Configuring your SSL Connector

Tomcat will first need an SSL Connector configured before it can accept secure connections.

1. Open the Tomcat server.xml file in a text editor (this is usually located in the conf folder of your Tomcat’s home directory).
2. Find the connector that will be secured with the new keystore and uncomment it if necessary (it is usually a connector with port 443 or 8443 like the example below).
3.Specify the correct keystore filename and password in your connector configuration. When you are done your connector should look something like this:

<Connector port="443" maxHttpHeaderSize="8192" maxThreads="150" minSpareThreads="25" maxSpareThreads="75" enableLookups="false" disableUploadTimeout="true" acceptCount="100" scheme="https" secure="true" SSLEnabled="true" clientAuth="false" sslProtocol="TLS" keyAlias="tomcat" keystoreFile="c:\tomcat6.0\conf\.keystore keypass="your_keystore_password" />

4. Save your changes to the server.xml file.
5. Restart Tomcat.

Posted in System Administration, Windows Server | Tagged: , , , | Comments Off on SSL Certificate Installation in Tomcat Web Server

 
%d bloggers like this: