Manage Web Server Settings¶
┌────────────────────────────────────────────────────────────────────────────┐
│ Web Server Settings │
└────────────────────────────────────────────────────────────────────────────┘
┌─┬──────────────────────────────────────────────────────────────────────────┐
│1│Manage X.509 certificate for the Web server │
│2│View or Change the "private token" (session hijacking) │
│3│Manage CA chains used for client authentication via smart cards │
│4│Recreate the PKCS#3 DH parameter file │
└─┴──────────────────────────────────────────────────────────────────────────┘
Move the cursor or enter a it's corresponding number (Q to Quit)
Main> Provisioning> Web Server>
Manage the X509 certificates¶
┌────────────────────────────────────────────────────────────────────────────┐
│ Web Server Settings │
└────────────────────────────────────────────────────────────────────────────┘
┌─┬──────────────────────────────────────────────────────────────────────────┐
│1│Install new X.509 certificate │
│2│Renew an already installed X.509 certificate │
│3│Extract private key from installed X.509 certificate │
│4│View the installed X.509 certificate │
└─┴──────────────────────────────────────────────────────────────────────────┘
Move the cursor or enter a it's corresponding number (Q to Quit)
Main> Provisioning> Web Server> X.509>
Install or renew new X.509 certificate¶
Install a new or renew an already installed X.509 certificate
Subject: C=se, ST=stockholm, L=stockholm, O=little piggys, CN=*.xpd.se
Issuer: C=se, ST=stockholm, L=stockholm, O=little piggys, CN=*.xpd.se
Not valid before: Sep 30 08:44:48 2010 GMT
Not valid after: Sep 29 08:44:48 2013 GMT [WARNING: Certificate has expired]
SHA-1: 85:9F:90:8C:40:10:EF:B7:49:21:0D:5F:B0:1D:5F:CF:70:2F:E8:6D
MD5: ED:4B:DA:A8:9E:13:9B:7C:9B:6A:00:40:8B:69:F1:73
Extensions, OID: 2.5.29.19 X509v3 Basic Constraints:
0x0000 : 30 2E 2E 2E 2E 00 00 00 00 00 00 00 00 00 00 00 : 0...............
You will need two files in total. One with the server certificate
and one file with the servers private key. (The current private key can be
extracted from the system in the previous menu)
Both files should in PEM encoded form.
Do you have both the certificate and the private key as separate files? (<Y>/n): y
Search for a USB disk? (<Y>/n): n
Ok, using the directory "/isodevice/var/transfer" instead.
Available files in /isodevice/var/transfer:
server.key
server.crt
Which file has the private key (Q to Quit) <server.key>:
Which file has the renewed certificate (Q to Quit): server.crt
Subject: C=se, ST=stockholm, L=stockholm, O=little piggys, CN=*.xpd.se
Issuer: C=se, ST=stockholm, L=stockholm, O=little piggys, CN=*.xpd.se
Not valid before: Sep 30 08:44:48 2014 GMT
Not valid after: Sep 29 08:44:48 2024 GMT
SHA-1: 85:9F:90:8C:40:10:EF:B7:49:21:0D:5F:B0:1D:5F:CF:70:2F:E8:6D
MD5: ED:4B:DA:A8:9E:13:9B:7C:9B:6A:00:40:8B:69:F1:73
Extensions, OID: 2.5.29.19 X509v3 Basic Constraints:
0x0000 : 30 2E 2E 2E 2E 00 00 00 00 00 00 00 00 00 00 00 : 0...............
Install the new X.509 certificate and private key? (<Y>/n): y
Renewed X.509 certificate installed successfully.
Restart the web server to activate the renewed certificate? (<Y>/n): y
View or Change the “private token” (session hijacking)¶
Manage the "private token" used to prevent session hijacking
Private token? (. to generate or Q to Quit) <FIXME>: .
Private token? (. to generate or Q to Quit) <2sYLjGBHi81lVfsT>:
Press any key to continue
View or Change the site URL¶
Site URL is not needed anymore and it will be removed in a future release.