On December 12, 2013 at 20:07 , Brian Arthur
<brianpatrickart...@gmail.com> wrote:
Thank you for the information. Can you direct me to any documentation
on how to replace the certificate used by cosignd to match my new
common name? I'm guessing this is located under /etc/cosign/certs as
the first couple lines of cosign.conf are:
set cosigncadir /etc/cosign/certs/ca/
set cosigncert /etc/cosign/certs/cgi.crt
set cosignkey /etc/cosign/certs/cgi.key
set cosigntmpldir /var/www/html/login-templates
cgi login-dev.example.com <http://login-dev.example.com>
Should I be looking here:
http://webapps.itcs.umich.edu/cosign/index.php/Cosign_Wiki:Test_install_HOWTO#Certificates_generation but
replace "cgi-1" with login-dev.example.com <http://login-dev.example.com>
The instructions at that URL are fine as a starting point, but you'd
have to change the entire subject in the commands listed there, not just
the CN portion of the subject.
The best advice I can give you is:
1. Get a certificate with the proper CN in the same way you would get
any X.509 certificate for use with any service (web, LDAP, SMTP, IMAP,
etc.). How you do this will depend on if you have your own CA or are
using a commercial CA, as well as the details of your environment; but
it is not special to cosign in any way.
2. Install the new certificate and its key in the cosigncert and
cosignkey files above. (Make backup copies of the old ones just in case).
3. If you changed your CA when doing this, make sure you put any root
and intermediate certificates for the CA into the cosigncadir directory
and generate appropriate hash symlinks.
4. Restart cosignd and your central weblogin server web server service
so that both of them "see" the new certificate.
I hope this helps.
--
Mark Montague
m...@catseye.org
------------------------------------------------------------------------------
Rapidly troubleshoot problems before they affect your business. Most IT
organizations don't have a clear picture of how application performance
affects their revenue. With AppDynamics, you get 100% visibility into your
Java,.NET, & PHP application. Start your 15-day FREE TRIAL of AppDynamics Pro!
http://pubads.g.doubleclick.net/gampad/clk?id=84349831&iu=/4140/ostg.clktrk
_______________________________________________
Cosign-discuss mailing list
Cosign-discuss@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/cosign-discuss