User's Manual Part 2
SCP-LPS20x-011-012-01H December 20, 2004
142 ADC Telecommunications, Inc.
STEP 1: CREATING SSL CERTIFICATES
There are three ways to create a digital certificate:
1. Obtain a certificate from a recognized certificate authority: This is the best option, since it ensures that your
certificate can be validated by any web browser. A number of companies offer this service for a nominal
charge. These include: Thawte, Verisign, and Entrust.
2. Become a CA and issue your own certificate: You can become your own CA and create as many certificates
as you require. However, since your CA will not be included in the internal list of trusted CAs maintained
by most browsers, customers will get a security alert until they add your CA to their browser.
3. Create a self-signed certificate: This is the least secure method since the certificate is signed using the private
key of the server rather than a CA. Self-signed certificates should generally be used for testing purposes
only.
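The trust behaviour described for options 2 and 3, as an added example that is not part of the original manual or the ADC Backend archive. It assumes a POSIX shell and OpenSSL 1.1.0 or later rather than the 0.9.7c build installed below; the CA names, file names and throwaway keys are constructed for the demonstration.

```shell
#!/bin/sh
# Added demo with constructed names and throwaway keys; assumes OpenSSL 1.1.0 or later
# (older releases do not reliably report a failed verify through the exit status).

# Create a short-lived self-signed certificate: $1 = output basename, $2 = subject CN.
self_signed() {
    openssl req -x509 -newkey rsa:2048 -nodes -days 30 -subj "/CN=$2" \
        -keyout "$1.key" -out "$1.pem" 2>/dev/null
}

# Build the demo certificates in directory $1.
make_demo_certs() {
    d=$1
    # Stands in for a recognized CA already present in the browser's trusted list.
    self_signed "$d/browser_ca" "Constructed Recognized CA" || return 1
    # Option 2: become your own CA.
    self_signed "$d/own_ca" "Constructed In-House CA" || return 1
    # Option 3: the server signs its own certificate.
    self_signed "$d/self" "www.company.com" || return 1
    # Option 2 continued: the in-house CA signs a request made for the server.
    openssl req -newkey rsa:2048 -nodes -subj "/CN=www.company.com" \
        -keyout "$d/server.key" -out "$d/server.csr" 2>/dev/null || return 1
    openssl x509 -req -in "$d/server.csr" -CA "$d/own_ca.pem" -CAkey "$d/own_ca.key" \
        -CAcreateserial -days 30 -out "$d/server.pem" 2>/dev/null
}

# Succeeds only when certificate $2 validates against the trust anchor file $1.
trusts() {
    openssl verify -CAfile "$1" "$2" >/dev/null 2>&1
}

# Print one result line: $1 = label, $2 = trust anchor, $3 = certificate.
report() {
    if trusts "$2" "$3"; then echo "$1: accepted"; else echo "$1: security alert"; fi
}

work=$(mktemp -d) || exit 1
make_demo_certs "$work" || { echo "openssl failed" >&2; exit 1; }
report "own-CA cert, CA not in trusted list" "$work/browser_ca.pem" "$work/server.pem"
report "own-CA cert, CA added to trusted list" "$work/own_ca.pem" "$work/server.pem"
report "self-signed cert, default trusted list" "$work/browser_ca.pem" "$work/self.pem"
rm -rf "$work"
```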
CERTIFICATE TOOLS
Digital certificates can be created/managed with a variety of tools. The examples in this section use the OpenSSL
tools and components included with the ADC Backend archive. You should download and install these items as
follows:
1. Download the Backend sample archive (refer to Product Support on page 177).
2. Download openssl-0.9.7c-win32-bin.zip from http://curl.haxx.se/download.html > OpenSSL Library
Packages.
3. Open a command prompt and create the following folders on your computer:
c:\certificates and c:\certificates\ca\newcerts
4. Extract openssl-0.9.7c-win32-bin.zip into c:\certificates.
5. Extract the contents of the certificates folder in the Backend archive into c:\certificates.
You are now ready to execute the following examples.
OBTAINING A REGISTERED CERTIFICATE
This example illustrates how to create a certificate request and send it to a certificate authority to obtain a registered
public certificate.
The benefit of using a registered certificate is that the public keys of these CAs are included by default in most web
browsers, which eliminates warning message pop-ups.
For the purpose of this example:
• the certificate will be requested for the domain name: www.company.com.
• the secret password used to protect the key is your_password.
1. Open a Windows command-line session.
2. Go to the directory where you installed the certificate tools. This example assumes c:\certificates.
3. Execute the command: newreq domain_name
For example:
C:\certificates\>newreq www.company.com
You will now be prompted for a password
that will protect the new private key.
Loading 'screen' into random state - done
0 semi-random bytes loaded
Generating RSA private key, 1024 bit long modulus