version 1.15, 2003/11/19 23:40:02
|
version 1.17, 2004/03/09 21:38:27
|
|
|
14. Development with Pegasus and Pegasus Tools | 14. Development with Pegasus and Pegasus Tools |
15. Commands | 15. Commands |
16. Creating SSL certifications. | 16. Creating SSL certifications. |
17. Testing with ICU enabled |
17. Configuring Pegasus to use SSL |
18. Documentation |
18. Testing with ICU enabled |
19. Participate |
19. Documentation |
|
20. Participate |
| |
| |
| |
|
|
16. Creating SSL certifications | 16. Creating SSL certifications |
================================ | ================================ |
| |
|
Please follow section 11, titled "Notes about Building Pegasus with SSL" |
|
before embarking on this endeavour. |
|
|
Type these commands in your shell to create the SSL certifications. The PEGASUS_ROOT | Type these commands in your shell to create the SSL certifications. The PEGASUS_ROOT |
and PEGASUS_HOME have to be set to your respective installation and source directory. | and PEGASUS_HOME have to be set to your respective installation and source directory. |
| |
|
|
EMAIL="test@email.address" | EMAIL="test@email.address" |
HOSTNAME=`uname -n` | HOSTNAME=`uname -n` |
sed -e "s/$CN/$HOSTNAME/" \ | sed -e "s/$CN/$HOSTNAME/" \ |
-e "s/$EMAIL/root@$HOSTNAME/" $PEGASUS_ROOT/ssl.cnf \ |
-e "s/$EMAIL/root@$HOSTNAME/" $PEGASUS_ROOT/src/Server/ssl.cnf \ |
> $PEGASUS_HOME/ssl.cnf | > $PEGASUS_HOME/ssl.cnf |
chmod 644 $PEGASUS_HOME/ssl.cnf | chmod 644 $PEGASUS_HOME/ssl.cnf |
chown bin $PEGASUS_HOME/ssl.cnf | chown bin $PEGASUS_HOME/ssl.cnf |
|
|
-keyout $PEGASUS_HOME/key.pem -out $PEGASUS_HOME/cert.pem | -keyout $PEGASUS_HOME/key.pem -out $PEGASUS_HOME/cert.pem |
| |
cat $PEGASUS_HOME/key.pem $PEGASUS_HOME/cert.pem > $PEGASUS_HOME/server.pem | cat $PEGASUS_HOME/key.pem $PEGASUS_HOME/cert.pem > $PEGASUS_HOME/server.pem |
rm $PEGASUS_HOME/key.pem $PEGASUS_HOME/cert.pem |
|
cp $PEGASUS_HOME/cert.pem $PEGASUS_HOME/client.pem | cp $PEGASUS_HOME/cert.pem $PEGASUS_HOME/client.pem |
|
rm $PEGASUS_HOME/key.pem $PEGASUS_HOME/cert.pem |
|
|
|
17. Configuring Pegasus to use SSL |
|
================================ |
|
|
|
Please follow section 11 and 16 before reading this section. |
|
|
|
To configure Pegasus to take advantage of SSL, configure |
|
cimserver_planned.conf to have: |
|
|
|
sslTrustFilePath=client.pem |
|
sslCertificateFilePath=server.pem |
|
sslKeyFilePath=file.pem |
|
httpsPort=5989 |
|
enableHttpsConnection=true |
|
|
|
(The client.pem and server.pem are the certifications |
|
files created per the steps in the earlier section). |
|
|
|
For good riddance you might consider closing down |
|
the cleartext 5988 port. Modify your cimserver_planned.conf |
|
to include: |
|
|
|
enableHttpConnection=false |
| |
17. Testing with ICU enabled: |
18. Testing with ICU enabled: |
============================== | ============================== |
| |
ICU (International Compoments for Unicode) refers to the set of libraries that | ICU (International Compoments for Unicode) refers to the set of libraries that |
|
|
If this variable is left defined, Pegasus will not be able to load messages | If this variable is left defined, Pegasus will not be able to load messages |
using ICU resource bundles. | using ICU resource bundles. |
| |
18. Documentation: |
19. Documentation: |
=================== | =================== |
| |
The documentation is currently in preperation. The preliminary documentation | The documentation is currently in preperation. The preliminary documentation |
|
|
design documentation. | design documentation. |
| |
| |
19. Participate! |
20. Participate! |
================= | ================= |
| |
We are looking for people who want to join the Pegasus work group and | We are looking for people who want to join the Pegasus work group and |