Managing SSL Certificates for Apache
F
197
no
vd
ocx
(e
n)
13
Ma
y 20
09
F
Managing SSL Certificates for
Apache
This section discusses how to acquire and manage SSL certificates for your Novell
®
iFolder
®
3.7
servers.
Section F.1, “Generating an SSL Certificate for the Server,” on page 197
Section F.2, “Generating a Self-Signed SSL Certificate for Testing Purposes,” on page 198
Section F.3, “Configuring Apache to Point to an SSL Certificate on an iFolder Server,” on
page 198
Section F.4, “Configuring Apache to Point to an SSL Certificate on a Shared Volume for an
iFolder Cluster,” on page 199
Section F.5, “Configuring Apache to Point to an SSL Certificate on a NSS Volume for an
iFolder Cluster,” on page 200
F.1 Generating an SSL Certificate for the Server
Using SSL requires that you install an SSL certificate form on each iFolder enterprise server, Web
Admin server and Web Access server in your domain. Users accept the certificates to enable
communications with the servers.
The certificate can be a self-signed certificate or a certificate froma trusted certificate authority. A
self-signed certificate is usually used only for internal iFolder services, where the server’s identity is
not likely to be spoofed. The trusted CA signature on the certificate attests that the public key
contained in the certificate belongs to the person, organization, server, or other entity noted in the
certificate. It assures users that they are accessing a valid, non-spoofed resource. If the information
does not match or the certificate has expired, an error message warns the user.
Browsers are typically preconfigured to trust well-known certificate authorities. If you use a
Certificate Authority that is not configured into browsers by default, it is necessary to load the
Certificate Authority certificate into the browser, enabling the browser to validate server certificates
signed by that Certificate Authority.
To acquire SSL certificates for use in an operational public-key infrastructure (PKI), use one of the
following methods, depending on your network needs:
Use the self-signed certificate that is created and enabled for the server by default during the
server install.
Use the services of a third-party certificate authority to get trusted certificate, then use it instead
of accepting the default certificate during the sever install.
Summary of Contents for IFOLDER 3.7 - SECURITY ADMINISTRATION
Page 12: ...12 OES 2 SP1 Novell iFolder 3 7 Administration Guide novdocx en 13 May 2009...
Page 24: ...24 OES 2 SP1 Novell iFolder 3 7 Administration Guide novdocx en 13 May 2009...
Page 38: ...38 OES 2 SP1 Novell iFolder 3 7 Administration Guide novdocx en 13 May 2009...
Page 98: ...98 OES 2 SP1 Novell iFolder 3 7 Administration Guide novdocx en 13 May 2009...
Page 100: ...100 OES 2 SP1 Novell iFolder 3 7 Administration Guide novdocx en 13 May 2009...
Page 102: ...102 OES 2 SP1 Novell iFolder 3 7 Administration Guide novdocx en 13 May 2009...
Page 162: ...162 OES 2 SP1 Novell iFolder 3 7 Administration Guide novdocx en 13 May 2009...
Page 168: ...168 OES 2 SP1 Novell iFolder 3 7 Administration Guide novdocx en 13 May 2009...
Page 172: ...172 OES 2 SP1 Novell iFolder 3 7 Administration Guide novdocx en 13 May 2009...
Page 182: ...182 OES 2 SP1 Novell iFolder 3 7 Administration Guide novdocx en 13 May 2009...
Page 184: ...184 OES 2 SP1 Novell iFolder 3 7 Administration Guide novdocx en 13 May 2009...
Page 196: ...196 OES 2 SP1 Novell iFolder 3 7 Administration Guide novdocx en 13 May 2009...
Page 202: ...202 OES 2 SP1 Novell iFolder 3 7 Administration Guide novdocx en 13 May 2009...
Page 216: ...216 OES 2 SP1 Novell iFolder 3 7 Administration Guide novdocx en 13 May 2009...