:Add a Pubcookie Host

From ASUW Wiki
Revision as of 17:12, 6 June 2007 by Asuwtech (Talk | contribs)

(diff) ← Older revision | Latest revision (diff) | Newer revision → (diff)
Jump to: navigation, search

In order to add a pubcookie host do the following steps.

Pre-Setup

  1. Make sure you have a ssl certificate for the host you want to secure with pubcookie.
    • For the most part this does not present a problem as the asuw uses a wildcard certificate which secures *.asuw.org
    • If you need to get a ssl certificate you must either use the UW Certificate Authority or use an outside source such as Thawte.
  2. Make sure that you have added this server to the ssl virtuals file
  3. Register this host at https://server-reg.cac.washington.edu/pubcookie/


Add a Pubcookie Key For This Host

Use the following code corresponding to the specific situation. Replace ssl.host with the appropriate hostname.

  • Using a specific, non-wildcard, ssl certificate.
cd /usr/lib/pubcookie
sudo ./keyclient -c /etc/apache-ssl/ssl.crt/ssl.host.crt -k /etc/apache-ssl/ssl.host.key/ssl.pem
sudo chmod 0640 keys/ssl.host
sudo chown root:www-data keys/ssl.host
  • Using the *.asuw.org certificate.
cd /usr/lib/pubcookie
sudo ./keyclient -c /etc/apache-ssl/ssl.crt/asuw.org.crt -k /etc/apache-ssl/ssl.key/asuw.org.pem -H ssl.host
sudo chmod 0640 keys/ssl.host
sudo chown root:www-data keys/ssl.host
  • Using the *.gpss.washington.edu certificate.
cd /usr/lib/pubcookie
sudo ./keyclient -c /etc/apache-ssl/ssl.crt/gpss.washington.edu.crt -k /etc/apache-ssl/ssl.key/gpss.washington.edu.pem -H ssl.host
sudo chmod 0640 keys/ssl.host
sudo chown root:www-data keys/ssl.host
Personal tools
Namespaces

Variants
Actions
Navigation
Tools