I also did not try to re-start InterMapper itself...
As soon as I get in tomorrow, I will be all over the PowerMAC ... thanks for the input.
Sincerely,
Manny Gonzalez
P.S. The document for installing the certificate, was that somewhere on the distribution or on your website? I tried to do as much RTFM as I could find but that document does not look familiar to me. I don't think I came across it.
Thanks again/
William W. Fisher wrote:
The name of the certificate files is significant. Our documentation doesn't appear to say this. :(
Pick up the PEM file (05.pem) and dump it into the Certificates directory
1. Make sure you rename the PEM file to "SSLCertificateFile". This is important.
2. You should already have a file named "SSLCertificateKeyFile" in your Certificates folder. This was generated by InterMapper when you asked it to generate a private key. You can leave it there.
3. You may have to restart InterMapper after changing the certificate if you have already started SSL at least once. If InterMapper is already using an SSL certificate, it will not load the new one.
If you still have trouble, there should log messages in the Debug window. To see this window, type cmd-option-shift-Z.
If you still have trouble, please let me know.
Bill Fisher
Dartware, LLC
http://www.dartware.com
Here are the directions for installing SSL certificates in InterMapper:
The "InterMapper Settings" folder now contains a "Certificates" folder:
1. There are three files:
SSLCertificateKeyFile - contains *your* private key
SSLCertificateFile - contains *your* signed certificate (e.g. from Verisign, InstantSSL, or your RedHat Linux box)
SSLCACertificateFile - contains the public certificate chain of the signing CA's (in order)*.
* For InstantSSL, SSLCACertificateFile is the same as the ca-bundle file:
http://www.instantssl.com/support/cert_installation/ca.txt
2. If there is no SSLCertificateKeyFile, InterMapper will look for the private
key in SSLCertificateFile.
3. InterMapper will always load the additional CA certificates, if they exist,
from SSLCertificateFile first, then it will check SSLCACertificateFile if it
exists.
4. It is possible to set up the configuration so there is only one file with
everything in it: SSLCertificateFile.
5. InterMapper will convert CR's to LF's in the file data before loading it. No
need to worry about CR-LF translation issues.
(The design for this scheme is based on the SSL section of the Apache Mod-SSL
httpd.conf file.)
On Tuesday, November 12, 2002, at 07:21 PM, Manny Gonzalez wrote:
I am doing a self-signed certificate and the thing just won't work. Nothing in Intermapper tells me it is failing... no errors. When I try to connect from Netscape or Explorer, I get an orror message ...
Here is what I did:
Go into Server Settings, generate a CSR and new private key.
Saved the CSR on the desktop.
Bring it over to my Linux Redhat 7.3 box running OPENSSL
Sign the CSR for 20 years
Pick up the PEM file (05.pem) and dump it into the Certificates directory
Turn on the server with SSL clicked on
Hit it with the browser ... BOOM! Nothing happens.
Disable SSL, hit it again, WORKS!!
____________________________________________________________________ Note: To unsubscribe from this mailing list, please send email to: <mailto:InterMapper-Talk-off@;list.dartware.com> Thanks!
-- _______________________________________________ Manny Gonzalez ..................... CCIE# 9013 CORE Resources ....... NY Presbyterian Hospital ____________________________________________________________________ Note: To unsubscribe from this mailing list, please send email to: <mailto:InterMapper-Talk-off@;list.dartware.com> Thanks!
