Generating Private Key Files and Certificates Using Active Directory Certificate Services
19
The files to upload are described below:
Certificate
authority file:
The root certificate, which is used to sign a certificate. It
is only needed for MTLS or TLS authentication. With this
file, the CA determines that the public key contained in
the certificate belongs to the server stated in the
certificate.
This file is also generated from the CA, and it contains the
public key of the server on which Diva SIPcontrol is
installed. This file is used for encrypting information.
This file contains the private key for each endpoint, and it
is used for decrypting information. The private key file
must not be password protected.
15. Enter the common name used in the certificate in “Host name” parameter, which is
usually the FQDN of the SBA.
16. Select the “Mutual Authentication” for Authentication Mode.
17. Add the address maps as needed.
18. Click on Activate Configuration at the bottom of the page to save the configuration
and activate it. If you close the SIPcontrol web interface without activation, the new
profile will not be saved.
Generating Private Key Files and Certificates Using
Active Directory Certificate Services
The Active Directory Certificate Services is a role of the Microsoft Windows Server 2008
operating system. On Microsoft Windows Server 2008, it can be installed through the Add
Roles Wizard. On Microsoft Windows Server 2003, this service is a component and can be
installed through the Windows Component Wizard.
Note: Do not install the Active Directory Certificate Services on your DMG4000 Gateway.
Install it on a separate computer.
This section describes how to use Active Directory Certificate Services to generate private
key files and certificates for the DMG4000 Gateway.
1. Create a private key file and a certificate request file with a third party program. For
an example, see below.
Example of Creating a Private Key File and Certificate Request
The following example shows how to create a security certificate using openssl:
1. (If you use the openssl that was preinstalled on the DMG 4000 Gateway, you
can skip this step.) Download and install openssl:
http://gnuwin32.sourceforge.net/packages/openssl.htm
2. Create a folder to hold the key file and certificate request; for example:
c:\Keys\SBA1.
(31 páginas)
Manymanuals.com
Manymanuals.de
Manymanuals.fr
Manymanuals.it
Manymanuals.pl
Manymanuals.cz
Manymanuals.es
Manymanuals-pt.com
Comentários a estes Manuais