If you need to use a different port change Stunnel’s configuration file as required. This is the standard port for secure web page servers and Stunnel’s default setting. If you have changed this default setting you need to change Stunnel’s configuration file to match your new port. This is the standard port for unsecured web page servers, Uniform Server (Apache) defaults to this. If you want some background information take a look at this page SSL basics. It really is that easy to produce a self signed certificate to secure your personal server. Note 2: The only thing of importance each certificate you generate is unique. The resulting certificate is fully functional however it does not look very professional when displayed in a browser. If you are feeling lazy press return at each prompt. Note 1: A default value is displayed in square brackets press return to accept this value. The information you enter is unimportant with the exception of FQDN (fully qualified domain name) if you have one use it (its the full address you would enter in a browser apart from the bit). You can repeat this process at any time, have a play and get a feel for what’s going on. Organizational Unit Name (eg, section) : Uniform Server 3.5-Apollo exampleĬommon Name (FQDN of your server) : Organization Name (eg, company) : Mike Gleaves UniCenter State or Province Name (full name) : Cambridgeshire I have highlighted in bold the type of information you enter.These are the X.509 attributes of the certificate. The next phase is a Certificate Signing Request (CSR).ĭuring this generation process you will be prompted for several pieces of information.First the private key is automatically created and requires no input from you.To start the process double click on the batch file mpg_create.bat.The file is located in folder: *\Uniform Server\udrive\home\admin\www\plugins\stunnel_424\bin The batch files mpg_create.bat allows you to create the private key and public key (certificate) in one go. The process is extremely easy, first shut down both servers and follow the instructions below. I have added the CA certificate to the client_Access_stunnel.Stunnel SSL Certificate and Key generationīefore going live with your secure server it is imperative you generate a new certificate and public key for Stunnel.Server: pid = /var/run/stunnel/server.pidĬert = /opt/quasar/cert/certs/stunnels/server.pem What I am trying to do is to use a stunnel client and with verify 3 it authenticates the user based on the certificate.Ĭlient: cert = /stunnel/client_Access_stunnel.pemĬAfile = /stunnel/client_Access_stunnel.pem I have 2x stunnels linux based, 1 server, 1 client.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |